07-13-2011
Beta17, thanks for the info. I know how to make the changes, my question is will making the change to /var/audit have any adverse affects upon the system. I don't think that it will, but, just in case, I will try it out on my workstation first and see how it works out.
10 More Discussions You Might Find Interesting
1. Solaris
I had Solaris 8 installed on a Ultra 10 machine but during a shutdown the root partition got corrupted. I have 3 other partitions on the drive (var, swap, home). Is there a way to reinstall the root partition without effecting the other partitions?
Also, when I run format from single user mode I... (4 Replies)
Discussion started by: jbestor
4 Replies
2. UNIX for Advanced & Expert Users
I have a freebsd email server which is running out of space on /usr.
du doesn't show any large directories, but df confirms that the partition is running out of space. Is there a way to find out if there is an idle process tying up disk space.
Also, what happens when /usr is full, will... (0 Replies)
Discussion started by: jjamd64
0 Replies
3. Solaris
I'm mirroring up a T2000. Able to metainit and metattach all partitions with the exception of root. Getting the following error:
metattach: <hostname>; c1t1d0s0; is mounted on /
I'm stumped. By the way, target 1 is the boot disk. (7 Replies)
Discussion started by: Probos
7 Replies
4. AIX
Hi guys
I am running AIX 5.3 and a newbie to it.
And I am getting reports telling me that the Root Directory is reaching almost max capacity, can someone give m some advice to find out what files are causing it to grow? , or how I can identify the growing files?
Thanks (6 Replies)
Discussion started by: ryanbsc@gmail.c
6 Replies
5. UNIX for Dummies Questions & Answers
Hi all.
New to the forum and new to Unix admin... / filesystem filled up and I can't find where the large files are. Any help will be apppreciated:
# df -k
Filesystem kbytes used avail capacity Mounted on
/dev/dsk/c1t0d0s0 8063580 7941745 41200 100% /
/proc ... (4 Replies)
Discussion started by: jamie_collins
4 Replies
6. Solaris
Dear all,
I have a root partition which is 20 G in size. I have var and /tmp as seperate file systems. But this 20 G of root is not sufficeint.
I want to increase the size of the / partition.
Is there any way to increase with out down time.
my df -k output is
Filesystem ... (4 Replies)
Discussion started by: jegaraman
4 Replies
7. Red Hat
i am using redhat 5.4 and my root size shows 98 %, how can i increase root size
# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda2 77G 16G 75G 98% /
/dev/sda1 2.4G 82M 2.2G 4% /boot
tmpfs 3.8G 0 3.8G 0%... (8 Replies)
Discussion started by: reply.ravi
8 Replies
8. Solaris
Hello guys,
I am using Solaris 10 x86 OS. While installing OS i have allocated entire 10 GB space to the root. Now i am not able to create new partition it says me "out of range" or "<cylinder number> not expected". Can someone please help me to allocated a default recommended space i.e 8GB or... (2 Replies)
Discussion started by: bhargav90
2 Replies
9. Solaris
I can see that my root partition is down to single-digit GB free out of 134GB root partition on a larger server with many SAN, NFS, LOFS mounts etc mounted at the root (/) partition.
How can I specifically tell which directories is causing the most utilization in my root (/) partition? (3 Replies)
Discussion started by: ckmehta
3 Replies
10. Ubuntu
Dear Concern,
I am new in ubuntu. Is root user disable in ubuntu? Also, is os partition default in ubuntu? I don't find any feature to create customize mount point to install OS.
Below is my current OS partition.
amirislam@blnidapp03:~$ df -h
Filesystem Size Used... (1 Reply)
Discussion started by: makauser
1 Replies
audit(1M) audit(1M)
NAME
audit - control the behavior of the audit daemon
SYNOPSIS
audit -n | -s | -t | -v [path]
The audit command is the system administrator's interface to maintaining the audit trail. The audit daemon can be notified to read the con-
tents of the audit_control(4) file and re-initialize the current audit directory to the first directory listed in the audit_control file or
to open a new audit file in the current audit directory specified in the audit_control file, as last read by the audit daemon. Reading
audit_control also causes the minfree and plugin configuration lines to be re-read and reset within auditd. The audit daemon can also be
signaled to close the audit trail and disable auditing.
-n Notify the audit daemon to close the current audit file and open a new audit file in the current audit directory.
-s Notify the audit daemon to read the audit control file. The audit daemon stores the information internally. If the audit daemon is
not running but audit has been enabled by means of bsmconv(1M), the audit daemon is started.
-t Direct the audit daemon to close the current audit trail file, disable auditing, and die. Use -s to restart auditing.
-v path Verify the syntax for the audit control file stored in path. The audit command displays an approval message or outputs specific
error messages for each error found.
The audit command will exit with 0 upon success and a positive integer upon failure.
/etc/security/audit_user
/etc/security/audit_control
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWcsu |
+-----------------------------+-----------------------------+
|Stability |Evolving |
+-----------------------------+-----------------------------+
bsmconv(1M), praudit(1M), audit(2), audit_control(4), audit_user(4), attributes(5)
The functionality described in this man page is available only if the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for
more information.
The audit command does not modify a process's preselection mask. It functions are limited to the following:
o affects which audit directories are used for audit data storage;
o specifies the minimum free space setting;
o resets the parameters supplied by means of the plugin directive.
For the -s option, audit validates the audit_control syntax and displays an error message if a syntax error is found. If a syntax error
message is displayed, the audit daemon does not re-read audit_control. Because audit_control is processed at boot time, the -v option is
provided to allow syntax checking of an edited copy of audit_control. Using -v, audit exits with 0 if the syntax is correct; otherwise, it
returns a positive integer.
The -v option can be used in any zone, but the -t, -s, and -n options are valid only in local zones and, then, only if the perzone audit
policy is set. See auditd(1M) and auditconfig(1M) for per-zone audit configuration.
25 May 2004 audit(1M)