option "-n" of auditd
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Tue Apr 29 06:38:57 UTC 2008
On Tue, 29 Apr 2008 13:34:20 +0800, chuli said:
> Hi,
> I 've tried option "-n" of auditd, but I don't understand what's the meaning of this option?
> Is it used for single-user mode of inittab?
It's probably usable for all runlevels, if you're using inittab to (re)start
auditd. If you don't use it, what will happen is that auditd will do the
traditional double-fork-to-daemonize, init will notice the parent has exited,
and if inittab says 'respawn', will fork/exec another auditd, which will
double-fork, and in a few seconds you've fork-bombed the system into a
smoking crater...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20080429/d5160893/attachment.sig>
More information about the Linux-audit
mailing list