HP-UX Reference (11i v1 05/09) - 1M System Administration Commands A-M (vol 3)
a
audsys(1M) audsys(1M)
/etc/rc.config.d/auditing
.
A user process will be blocked in the kernel if all of the following events occurs:
• the file system containing current audit file is full,
• there is no next audit file or the next audit file is removed, and
• the user process makes an auditable system call or generates an auditable event.
To recover from the resulting deadlock, the session leader of the console is killed so that the the administra-
tor can login. Hence sensitive applications should not be run as session leaders on the console.
AUTHOR
audsys was developed by HP.
FILES
/.secure/etc/audnames
File maintained by audsys
containing the "current" and "next" audit file
names and their switch sizes.
SEE ALSO
audomon(1M), audctl(2), audwrite(2), setsid(2), audit(4), audit(5).
HP-UX 11i Version 1: September 2005 − 2 − Hewlett-Packard Company Section 1M−−85