Query regarding the lib audit-userspace
Manojkiran Eda
manojkiran.eda at gmail.com
Tue Sep 13 16:53:32 UTC 2022
Hi team,
I was working on leveraging the libaudit shared library to generate audit events from a user space daemon. I have been using the audit_open as well as audit_log_acct_message() API’s to send message to the kernel audit subsystem. From the man pages I understand that every message to the kernel audit subsystem would get an ACK back. Now my question is does the daemon[single threaded] consuming this libaudit for sending events using audit_log_acct_message() API be blocked until it gets an ACK back from the kernel ?
If yes , is there a way to not have the application blocked during this period ?
Thanks,
Manoj
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20220913/7828b07c/attachment.htm>
More information about the Linux-audit
mailing list