Current Red Hat Kernels 2.6.18 & 2.6.32 not able to have non-existent files in audit.rules?
Running into errors where we're pushing out a blanket audit.rules file and
some servers don't have some of the files. I've seen the -i and -c
suggestion for auditctl but wanted to confirm that that's the right choice.
We need to ensure warnings don't choke auditd or make it skip other rules.
--
Mind on a Mission <http://leamhall.blogspot.com/>
Attachments:
- attachment.html (text/html — 496 bytes)