As role secadmin, at label admin_low
, open the script /etc/init.d/audit using the Admin Editor.
This should be done only if auditing is not a site security requirement, or in cases of audit file overflow. The security administrator is responsible.
Comment out the start script:
… # Start the audit daemon # if [ -f /etc/security/audit_startup ] ; then # echo ”starting audit daemon” # /etc/security/audit_startup # /usr/sbin/auditd & # fi …
Write and quit the file.
Open the script /etc/init.d/drvconfig using the Admin Editor.
Add the following lines to the end of the file:
# Disable auditing # /usr/bin/adb -wk /dev/ksyms /dev/mem > /dev/null <<end audit_active/W 0 end
Prevent spurious messages about the audit daemon at shutdown by commenting out the stop script in /etc/init.d/audit:
… # Stop the audit daemon # if [ -f /etc/security/audit_startup ] ; then # /usr/sbin/audit -t # fi
Write and quit the file.
For the changes to take effect, reboot.
A user or role requires authorization to shut down the computer.