Trusted Solaris Audit Administration

To Enable Auditing

By default, auditing is enabled. If you have disabled auditing, enable it by reversing the above procedure.

  1. As role secadmin, at label admin_low, open the script /etc/init.d/audit using the Admin Editor.

  2. Remove the comments from the audit start script:

    …
    # Start the audit daemon
        if [ -f /etc/security/audit_startup ] ; then
            echo "starting audit daemon"
            /etc/security/audit_startup
            /usr/sbin/auditd &
        fi
    …
    
  3. Write and quit the file.

  4. Enable the audit daemon to exit gracefully at shutdown by removing the comments in the stop script in /etc/init.d/audit:

    …
    # Stop the audit daemon
        if [ -f /etc/security/audit_startup ] ; then
            /usr/sbin/audit -t
        fi

  5. Write and quit the file.

  6. Open the script /etc/init.d/drvconfig using the Admin Editor.

  7. Comment out the Disable auditing lines:

    # Disable auditing
    #
    # /usr/bin/adb -wk /dev/ksyms /dev/mem > /dev/null <<end
    # audit_active/W 0
    # end

  8. Write and quit the file.

  9. For the changes to take effect, reboot using the Shut Down menu item from the TP (Trusted Path) menu.
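
A way to verify the edits from steps 2, 4 and 7 before rebooting, as an added example that is not part of the Trusted Solaris documentation. The function names are hypothetical, and the check assumes a commented line is one whose first non-blank character is `#`.

```shell
#!/bin/sh
# Added example (not from the Trusted Solaris documentation).
# Function names are hypothetical. Assumption: a "commented" line is one
# whose first non-blank character is '#'.

# has_active_line FILE PATTERN
# Succeeds if an uncommented line in FILE matches PATTERN.
has_active_line() {
    sed -e 's/^[[:space:]]*//' -e '/^#/d' "$1" | grep -e "$2" >/dev/null
}

# check_audit_enabled AUDIT_SCRIPT DRVCONFIG_SCRIPT
# Prints one line per finding; returns 0 only if every check passes.
check_audit_enabled() {
    audit_script=$1
    drvconfig=$2
    rc=0
    for f in "$audit_script" "$drvconfig"; do
        if [ ! -r "$f" ]; then
            echo "FAIL: cannot read $f"
            return 1
        fi
    done
    # Steps 2 and 4: start and stop commands must be uncommented.
    for pat in '^/etc/security/audit_startup' '^/usr/sbin/auditd' \
               '^/usr/sbin/audit -t'; do
        if ! has_active_line "$audit_script" "$pat"; then
            echo "FAIL: no active line matching $pat in $audit_script"
            rc=1
        fi
    done
    # Step 7: the adb write that clears audit_active must stay commented.
    if has_active_line "$drvconfig" 'audit_active/W'; then
        echo "FAIL: $drvconfig still sets audit_active to 0"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: auditing is configured to start at boot"
    return "$rc"
}

# Usage: sh check_audit.sh /etc/init.d/audit /etc/init.d/drvconfig
if [ "$#" -eq 2 ]; then
    check_audit_enabled "$1" "$2"
fi
```

A non-zero exit status means at least one of the edited scripts would still leave auditing disabled at the next boot.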