LIBAUDIT.CONF:(5)      System Administration Utilities     LIBAUDIT.CONF:(5)

NAME         top

       libaudit.conf - libaudit configuration file

DESCRIPTION         top

       The file /etc/libaudit.conf contains configuration information for
       user space applications that link to libaudit. The applications are
       responsible for querrying the settings in this file and obeying the
       admin's preferences. This file contains one configuration keyword per
       line, an equal sign, and then followed by appropriate configuration
       information. The keywords recognized are: failure_action.  These
       keywords are described below.

              This keyword specifies what action the admin wishes a user
              space application to take when there is a failure to send an
              audit event to the kernel. The possible values are: IGNORE
               - meaning do nothing, LOG - write to syslog the inability to
              send an audit event, and TERMINATE - the user space
              application should exit.

SEE ALSO         top


AUTHOR         top

       Steve Grubb

COLOPHON         top

       This page is part of the audit (Linux Audit) project.  Information
       about the project can be found at 
       ⟨⟩.  If you have a bug report
       for this manual page, send it to  This page
       was obtained from the project's upstream Git repository 
       ⟨⟩ on 2017-03-13.
       If you discover any rendering problems in this HTML version of the
       page, or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the information
       in this COLOPHON (which is not part of the original manual page),
       send a mail to

Red Hat                           Oct 2009                 LIBAUDIT.CONF:(5)