Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

audit_set_failure(3) [suse man page]

AUDIT_SET_FAILURE(3)						  Linux Audit API					      AUDIT_SET_FAILURE(3)

NAME

       audit_set_failure - Set audit failure flag

SYNOPSIS

       #include <libaudit.h>

       int audit_set_failure (int fd, int failure);

DESCRIPTION

       audit_set_failure  sets the action that the kernel will perform when the backlog limit is reached or when it encounters an error and cannot
       proceed. Possible values are:

       0 - AUDIT_FAIL_PRINTK [default]
	      Log the audit record using printk which will cause subsequent events to get written to syslog.

       1 - AUDIT_FAIL_SILENT
	      Do nothing, report nothing, skip logging the record and continue.

       2 - AUDIT_FAIL_PANIC
	      Call the panic function. This would be used to prevent use of the machine upon loss of audit events.

RETURN VALUE

       The return value is <= 0 on error, otherwise it is the netlink sequence id number. This function can  have  any	error  that  sendto  would
       encounter.

SEE ALSO

       audit_set_backlog(3), audit_open(3), auditd(8), auditctl(8).

AUTHOR

       Steve Grubb

Red Hat 							     Oct 2006						      AUDIT_SET_FAILURE(3)

Check Out this Related Man Page

AUDIT_ADD_RULE_DATA(3)						  Linux Audit API					    AUDIT_ADD_RULE_DATA(3)

NAME

       audit_add_rule_data - Add new audit rule

SYNOPSIS

       #include <libaudit.h>

       int audit_add_rule_data (int fd, struct audit_rule_data *rule, int flags, int action);

DESCRIPTION

       audit_add_rule adds an audit rule previously constructed with audit_rule_fieldpair_data(3) to one of several kernel event filters. The fil-
       ter is specified by the flags argument. Possible values for flags are:

       o  AUDIT_FILTER_USER - Apply rule to userspace generated messages.

       o  AUDIT_FILTER_TASK - Apply rule at task creation (not syscall).

       o  AUDIT_FILTER_EXIT - Apply rule at syscall exit.

       o  AUDIT_FILTER_TYPE - Apply rule at audit_log_start.

       The rule's action has two possible values:

       o  AUDIT_NEVER - Do not build context if rule matches.

       o  AUDIT_ALWAYS - Generate audit record if rule matches.

RETURN VALUE

       The return value is <= 0 on error, otherwise it is the netlink sequence id number. This function can  have  any	error  that  sendto  would
       encounter.

SEE ALSO

       audit_rule_fieldpair_data(3), audit_delete_rule_data(3), auditctl(8).

AUTHOR

       Steve Grubb.

Red Hat 							     Aug 2009						    AUDIT_ADD_RULE_DATA(3)
Man Page

3 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Enomem in Journal Retry Error

Hi, Does anyone seen this error before.. kernel: ENOMEM in journal_alloc_journal_head, retrying. I encounter this problem on IBM eServers where when the above error appears usually the machine is dead or hanged. Unless a hard reboot is been done. Is this something have to do with the memory... (1 Reply)
Discussion started by: killerserv
1 Replies

2. Programming

problem with while loop

hi all, i have written the following code: while(proceed !='Y' && proceed!='N' && proceed!='y' && proceed!='n') { printf("\nPress \n\t 'Y' or 'y' to continue \n\t 'N' or 'n' to cancel:"); scanf("%c",&proceed); } the output i am gettin is: Press 'Y' to continue ... (1 Reply)
Discussion started by: mridula
1 Replies

3. Cybersecurity

How to fine Tune and Harden the Linux kernel

Hi, As a a security audit, how can I proceed further with Fine tuning and Hardening the linux kernel... I am not sure with the steps how to proceed further... If i do some thing wrong, then its comes with the Kernel panic error. So, I am afraid, how to do the tuning with the kernel.. (1 Reply)
Discussion started by: gsiva
1 Replies