Re: Duplicate settings?

On 1/20/20 9:37 AM, Steve Grubb wrote: > On Monday, January 20, 2020 9:24:56 AM EST Leam Hall wrote: >> If /etc/audit/auditd.conf encounters conflicting duplicate settings, >> >> what happens? Takes the first, takes the last, or what? For example: >> space_left = 25 >> space_left = 100 > > It overwrites the first value with the second one. You can also run: > > # service auditd state > > to see what the current value is if your audit daemon is somewhat recent. Hey Steve, thanks! We're on the default RHEL/CentOS 7 auditd, and "state" doesn't show space_left.