From: Valdis.Kletnieks@vt.edu
To: chuli <chul@cn.fujitsu.com>
Cc: linux-audit@redhat.com
Subject: Re: option "-n" of auditd
Date: Tue, 29 Apr 2008 02:38:57 -0400 [thread overview]
Message-ID: <31764.1209451137@turing-police.cc.vt.edu> (raw)
In-Reply-To: Your message of "Tue, 29 Apr 2008 13:34:20 +0800." <001e01c8a9ba$ad02c430$548da70a@truly>
[-- Attachment #1.1: Type: text/plain, Size: 590 bytes --]
On Tue, 29 Apr 2008 13:34:20 +0800, chuli said:
> Hi,
> I 've tried option "-n" of auditd, but I don't understand what's the meaning of this option?
> Is it used for single-user mode of inittab?
It's probably usable for all runlevels, if you're using inittab to (re)start
auditd. If you don't use it, what will happen is that auditd will do the
traditional double-fork-to-daemonize, init will notice the parent has exited,
and if inittab says 'respawn', will fork/exec another auditd, which will
double-fork, and in a few seconds you've fork-bombed the system into a
smoking crater...
[-- Attachment #1.2: Type: application/pgp-signature, Size: 226 bytes --]
[-- Attachment #2: Type: text/plain, Size: 0 bytes --]
prev parent reply other threads:[~2008-04-29 6:39 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-17 11:05 Security testing tree patch review for 2.6.26 James Morris
2008-04-17 11:05 ` [PATCH 01/12] LSM: Introduce inode_getsecid and ipc_getsecid hooks James Morris
2008-04-17 11:05 ` [PATCH 02/12] SELinux: setup new inode/ipc getsecid hooks James Morris
2008-04-17 11:06 ` [PATCH 03/12] Audit: use new LSM hooks instead of SELinux exports James Morris
2008-04-17 11:06 ` [PATCH 04/12] Netlink: Use generic LSM hook James Morris
2008-04-17 11:06 ` [PATCH 05/12] SELinux: remove redundant exports James Morris
2008-04-17 11:06 ` [PATCH 06/12] LSM/Audit: Introduce generic Audit LSM hooks James Morris
2008-04-17 11:06 ` [PATCH 07/12] Audit: internally use the new LSM audit hooks James Morris
2008-04-17 11:06 ` [PATCH 08/12] SELinux: use new audit hooks, remove redundant exports James Morris
2008-04-17 11:06 ` [PATCH 09/12] Audit: Final renamings and cleanup James Morris
2008-04-17 11:06 ` [PATCH 10/12] Tell git about security/selinux/include/audit.h James Morris
2008-04-17 15:44 ` Greg KH
2008-04-17 15:53 ` James Morris
2008-04-17 11:06 ` [PATCH 11/12] Security: Introduce security= boot parameter James Morris
2008-04-17 15:29 ` Casey Schaufler
2008-04-17 11:06 ` [PATCH 12/12] security: fix up documentation for security_module_enable James Morris
2008-04-17 15:30 ` Casey Schaufler
2008-04-17 16:10 ` [PATCH 2.6.26 #repost] Smack: Integrate with Audit Ahmed S. Darwish
2008-04-19 22:19 ` Casey Schaufler
2008-04-18 18:11 ` Security testing tree patch review for 2.6.26 Casey Schaufler
2008-04-28 16:32 ` Alexander Viro
2008-04-29 5:34 ` option "-n" of auditd chuli
2008-04-29 6:38 ` Valdis.Kletnieks [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=31764.1209451137@turing-police.cc.vt.edu \
--to=valdis.kletnieks@vt.edu \
--cc=chul@cn.fujitsu.com \
--cc=linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox