I just implemented a new rule set for auditing, and now the audit daemon won't
start. It died a few hours before the logs were due to be rotated. Even though
the auditd is dead, auditing is still being done, but the output is going to
/var/log/messages, NOT to /var/log/audit, as before. When I did a
service auditd status
I got a
auditd locked, but pid exists
message. I tried to start it, but it wouldn't start. I rebooted, and it wouldn't
come back up. I changed back to the old rule set and tried to restart. No joy. I
rebooted again. It failed on start up. This is the rule set I tried:
# First rule - delete all
-D
# Feel free to add below this line. See auditctl man page
# Increase the buffers to survive stress events
-b 256
-e 1
# Audit Failed opens
-a exit,always -S open -F success!=0
#
# Audit success and failure of delete
-a exit,always -S unlink -S rmdir
#
# Audit success and failure of admin actions
#-a task,always -F uid=0
-w /var/log/audit/ -k ADMIN
-w /etc/auditd.conf -k ADMIN
-w /etc/audit.rules -k ADMIN
-a exit,always -S stime -S acct -S reboot -S swapon -S settimeofday -S setrlimit
-a exit,always -S setdomainname -S sched_setparam -S sched_setscheduler
#
# Audit success and failure of login/logout
# on by default with update 4.
#
# Audit success and failure of permissions
-a entry,possible -S chmod -S fchmod -S chown -S chown32 -S fchown -S fchown32
-S lchown -S lchown32
I don't know whether or not this rule set is an issue, but the change and the
problems occurred at about the same time.
This is what I have in my auditd.conf:
log_file = /var/log/audit/audit.log
log_format = RAW
priority_boost = 3
flush = SYNC
freq = 0
num_logs = 15
max_log_file = 95
max_log_file_action = ignore
space_left = 75
space_left_action = SYSLOG
action_mail_acct = root
admin_space_left = 50
admin_space_left_action = SUSPEND
disk_full_action = SUSPEND
disk_error_action = SUSPEND
When I try to restart the auditd, no error messages I can see show up in
/var/log/messages. I've implemented these rules on other RHEL ES 4 boxes,
without problems.
Any ideas what is wrong?
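One thing worth checking before digging into lock files: auditd's init script loads the rules with `auditctl -R`, which parses each line of the file as a separate auditctl command line and aborts on the first syntax error, and a failed rule load is enough to keep the daemon from starting. The checker below is an added example written for this thread, not code from the original post or from the audit package. Its option tables are assumptions drawn from auditctl(8); the embedded sample is the poster's rule set, constructed inline with the last rule split over two lines exactly as it appears above. If that split is only line wrapping in the post rather than in the file on disk, ignore that one finding.

```python
"""Static checker for an auditctl rules file (added example, not audit project code).

Reproduces the syntax checks whose failure makes `auditctl -R` abort during
auditd start-up.  Option tables are assumptions based on auditctl(8).
"""
import shlex

VALID_LISTS = {"exit", "entry", "task", "user", "exclude"}
VALID_ACTIONS = {"always", "never", "possible"}   # 'possible' is audit 1.x syntax
# Options that may start a line.  -S/-F/-k/-p are qualifiers and are only valid
# after -a/-A/-d or -w/-W on the same line.
LINE_STARTERS = {"-D", "-b", "-e", "-f", "-r", "-a", "-A", "-d", "-w", "-W", "-l", "-i"}
QUALIFIERS = {"-S", "-F", "-k", "-p"}
FIELD_OPERATORS = ("!=", "<=", ">=", "&=", "=", "<", ">", "&")


def parse_rule_line(line):
    """Split one rules-file line into tokens; None for blank or comment lines."""
    stripped = line.strip()
    if not stripped or stripped.startswith("#"):
        return None
    return shlex.split(stripped)


def _check_syscall_rule(lineno, head, toks):
    """Validate the list,action pair and every -F expression of one -a/-A/-d rule."""
    out = []
    if len(toks) < 2 or "," not in toks[1]:
        return [(lineno, f"{head} needs a list,action argument")]
    first, second = toks[1].split(",", 1)
    if first in VALID_ACTIONS and second in VALID_LISTS:   # both orders are accepted
        first, second = second, first
    if first not in VALID_LISTS or second not in VALID_ACTIONS:
        out.append((lineno, f"bad list,action '{toks[1]}'"))
    if toks[-1] in QUALIFIERS:
        out.append((lineno, f"{toks[-1]} at end of line has no value"))
    for opt, val in zip(toks, toks[1:]):
        if opt == "-F" and not any(op in val for op in FIELD_OPERATORS):
            out.append((lineno, f"-F '{val}' has no comparison operator"))
    return out


def check_rules(text):
    """Return [(lineno, message), ...]; an empty list means nothing suspicious."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        toks = parse_rule_line(line)
        if toks is None:
            continue
        head = toks[0]
        if head in QUALIFIERS:
            findings.append((lineno, f"{head} without -a/-A/-w on the same line; "
                                     "rule wrapped onto a second line?"))
        elif head not in LINE_STARTERS:
            findings.append((lineno, f"unknown option {head}"))
        elif head in ("-a", "-A", "-d"):
            findings.extend(_check_syscall_rule(lineno, head, toks))
        elif head == "-e":
            mode = toks[1] if len(toks) > 1 else ""
            if mode == "2":
                findings.append((lineno, "-e 2 locks the rule set until reboot"))
            elif mode not in ("0", "1"):
                findings.append((lineno, f"-e expects 0, 1 or 2, got '{mode}'"))
        elif head == "-b":
            if len(toks) < 2 or not toks[1].isdigit():
                findings.append((lineno, "-b expects a numeric buffer count"))
        elif head in ("-w", "-W"):
            if len(toks) < 2 or not toks[1].startswith("/"):
                findings.append((lineno, f"{head} expects an absolute path"))
    return findings


# Constructed sample: the poster's rule set, last rule split over two lines as posted.
SAMPLE_RULES = """\
# First rule - delete all
-D
# Increase the buffers to survive stress events
-b 256
-e 1
# Audit failed opens
-a exit,always -S open -F success!=0
# Audit success and failure of delete
-a exit,always -S unlink -S rmdir
# Audit success and failure of admin actions
#-a task,always -F uid=0
-w /var/log/audit/ -k ADMIN
-w /etc/auditd.conf -k ADMIN
-w /etc/audit.rules -k ADMIN
-a exit,always -S stime -S acct -S reboot -S swapon -S settimeofday -S setrlimit
-a exit,always -S setdomainname -S sched_setparam -S sched_setscheduler
# Audit success and failure of permissions
-a entry,possible -S chmod -S fchmod -S chown -S chown32 -S fchown -S fchown32
-S lchown -S lchown32
"""

if __name__ == "__main__":
    for lineno, msg in check_rules(SAMPLE_RULES):
        print(f"line {lineno}: {msg}")
```

Run it against a copy of /etc/audit.rules (`check_rules(open(path).read())`) before restarting auditd; a clean result does not prove the daemon will start, but any finding is a line `auditctl -R` will choke on.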