You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39 lines
1.8 KiB
39 lines
1.8 KiB
7 years ago
|
diff -ur audit-2.7.5.orig/docs/auditctl.8 audit-2.7.5/docs/auditctl.8
|
||
|
--- audit-2.7.5.orig/docs/auditctl.8 2017-04-10 10:22:22.000000000 -0400
|
||
|
+++ audit-2.7.5/docs/auditctl.8 2017-04-10 10:46:51.704436241 -0400
|
||
|
@@ -10,9 +10,6 @@
|
||
|
.BI \-b\ backlog
|
||
|
Set max number of outstanding audit buffers allowed (Kernel Default=64) If all buffers are full, the failure flag is consulted by the kernel for action.
|
||
|
.TP
|
||
|
-.BI \-\-backlog_wait_time \ \fIwait_time\fP
|
||
|
-Set the time for the kernel to wait (Kernel Default 60*HZ) when the backlog_limit is reached before queuing more audit events to be transferred to auditd. The number must be greater than or equal to zero and less that 10 times the default value.
|
||
|
-.TP
|
||
|
.B \-c
|
||
|
Continue loading rules in spite of an error. This summarizes the results of loading the rules. The exit code will not be success if any rule fails to load.
|
||
|
.TP
|
||
|
diff -ur audit-2.7.5.orig/docs/Makefile.in audit-2.7.5/docs/Makefile.in
|
||
|
--- audit-2.7.5.orig/docs/Makefile.in 2017-04-10 10:31:52.000000000 -0400
|
||
|
+++ audit-2.7.5/docs/Makefile.in 2017-04-10 10:49:12.389447484 -0400
|
||
|
@@ -373,7 +373,7 @@
|
||
|
ausearch_next_event.3 ausearch_set_stop.3 \
|
||
|
autrace.8 get_auditfail_action.3 set_aumessage_mode.3 \
|
||
|
audispd.8 audispd.conf.5 audispd-zos-remote.8 libaudit.conf.5 \
|
||
|
-augenrules.8 audit_set_backlog_wait_time.3 \
|
||
|
+augenrules.8 \
|
||
|
zos-remote.conf.5
|
||
|
|
||
|
all: all-am
|
||
|
diff -ur audit-2.7.5.orig/rules/10-base-config.rules audit-2.7.5/rules/10-base-config.rules
|
||
|
--- audit-2.7.5.orig/rules/10-base-config.rules 2017-04-10 10:22:22.000000000 -0400
|
||
|
+++ audit-2.7.5/rules/10-base-config.rules 2017-04-10 10:47:56.555441424 -0400
|
||
|
@@ -5,9 +5,6 @@
|
||
|
## Make this bigger for busy systems
|
||
|
-b 8192
|
||
|
|
||
|
-## This determine how long to wait in burst of events
|
||
|
---backlog_wait_time 0
|
||
|
-
|
||
|
## Set failure mode to syslog
|
||
|
-f 1
|
||
|
|