On RHEL 6 I am able to use the logrotate facility and compress logs using bzip2. However, when I try to use a similar method on RHEL 5, the auditd service fails to restart after the logrotate service rotates and compresses the rotated log file. I found a post by Steve Grubb posted on 29 JUN 2011:    "Logrotate should not directly rotate the audit logs. I don't supply a logrotate  configuration, but if I did it would call service auditd rotate so that auditd performs the action. The audit daemon has to fulfill certain service guarantees that logrotate does not care about. For example, if the audit disk partition gets full, auditd can take the system down. Logrotate never will. So, you have to let auditd do its own thing or you will have some issues." Is this still the case?  Paul M. Whitney paul.whitney(a)icloud.com