While working with RHEL-6 and RHEL-7 systems, and understanding that you can set rules to immutable by adding -e 2 to the end of the audit.rules file(s) I realized something.

If I want to add rules to a system due to new IT Governance, I might have to reboot every machine that gets the newly added rules.

Is this true, or can I get away with simply executing, on both versions of RHEL (6 and 7):

augenrules --check

augenrules --load

I ask, because I want to write some puppet code that is smart enough to ensure the rules are put into place. Do I really have to reboot a server in the middle of a work day or can I work around it with the use of the augenrules commands as listed above?

Thanks in advance,

--------------------------
Warron French