libaudit.conf(5) — Linux manual page


LIBAUDIT.CONF:(5)      System Administration Utilities     LIBAUDIT.CONF:(5)

NAME         top

       libaudit.conf - libaudit configuration file

DESCRIPTION         top

       The file /etc/libaudit.conf contains configuration information for
       user space applications that link to libaudit. The applications are
       responsible for querrying the settings in this file and obeying the
       admin's preferences. This file contains one configuration keyword per
       line, an equal sign, and then followed by appropriate configuration
       information. The keywords recognized are: failure_action.  These
       keywords are described below.

              This keyword specifies what action the admin wishes a user
              space application to take when there is a failure to send an
              audit event to the kernel. The possible values are: IGNORE
               - meaning do nothing, LOG - write to syslog the inability to
              send an audit event, and TERMINATE - the user space
              application should exit.

SEE ALSO         top


AUTHOR         top

       Steve Grubb

COLOPHON         top

       This page is part of the audit (Linux Audit) project.  Information
       about the project can be found at 
       ⟨⟩.  If you have a bug report
       for this manual page, send it to  This page
       was obtained from the project's upstream Git repository
       ⟨⟩ on 2020-11-01.
       (At that time, the date of the most recent commit that was found in
       the repository was 2020-10-20.)  If you discover any rendering prob‐
       lems in this HTML version of the page, or you believe there is a bet‐
       ter or more up-to-date source for the page, or you have corrections
       or improvements to the information in this COLOPHON (which is not
       part of the original manual page), send a mail to

Red Hat                           Oct 2009                 LIBAUDIT.CONF:(5)