Re: [PATCH] audit: allow unlimited backlog queue
On Tuesday, January 14, 2014 05:59:16 PM Richard Guy Briggs wrote:
Since audit can already be disabled by "audit=0" on the
kernel boot line, or
by the command "auditctl -e 0", it would be more useful to have the
audit_backlog_limit set to zero mean effectively unlimited (limited only by
system resources).
I don't see a useful purpose to this.
-Steve