From: Michael Jeffries (M) (jeffrimj@telkom.co.za)
Date: Wed Dec 17 2003 - 09:49:03 EST
Hi there,
I have a problem. by default Kernel-level auditing logs to
/.secure/etc/audfile1, /.secure/etc/audfile2. Now this is / ,so if it
fills up root, my server is stuffed.
I created a dir /var/secure/etc/ and changed the
/etc/rc.config.d/auditing file to log to this new location.
PRI_AUDFILE=/var/secure/etc/audfile1
PRI_SWITCH=1000
SEC_AUDFILE=/var/secure/etc/audfile2
SEC_SWITCH=1000
The problem is that it is still logging to root. Is there a process
that has to be kill -HUP for kernel-level auditing to now log to the
new location?
Thanks a ton for your help
Mike
-- ---> Please post QUESTIONS and SUMMARIES only!! <--- To subscribe/unsubscribe to this list, contact majordomo@dutchworks.nl Name: hpux-admin@dutchworks.nl Owner: owner-hpux-admin@dutchworks.nl Archives: ftp.dutchworks.nl:/pub/digests/hpux-admin (FTP, browse only) http://www.dutchworks.nl/htbin/hpsysadmin (Web, browse & search)
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 11:02:37 EDT