Re: audit-0.6.7 released
Mounir Bsaibes
Linux Security
Tel: (512) 838-1301
Cell: (512) 762-9957
Fax: (512) 838-8858
e-mail: bsaibes(a)us.ibm.com
linux-audit-bounces(a)redhat.com wrote on 03/10/2005 12:57:07 PM:
On Thursday 10 March 2005 13:49, Mounir Bsaibes wrote:
> Now, the question: Is there any additional requirement to satisfy CAPP
> in this situation?
I can't answer this.
> Or, this is totally acceptable; since the file size can be set large
enough.
Or, maybe they do not need to put ROTATE in the max_log_file_action
parameter.
IGNORE should let the file grow until another limit/action prevents it.
I believe this is acceptable if we can prove it works correctly.
It would be nice if this is spelled out in the man page. So, the
admin would know how/what to configure.
Mounir
-Steve
--
Linux-audit mailing list
Linux-audit(a)redhat.com
http://www.redhat.com/mailman/listinfo/linux-audit