1AUGENRULES:(8)          System Administration Utilities         AUGENRULES:(8)
2
3
4

NAME

6       augenrules - a script that merges component audit rule files
7

SYNOPSIS

9       augenrules [--check] [--load]
10

DESCRIPTION

12       augenrules  is  a  script  that merges all component audit rules files,
13       found in the audit rules  directory,  /etc/audit/rules.d,  placing  the
14       merged file in /etc/audit/audit.rules. Component audit rule files, must
15       end  in  .rules  in  order  to  be  processed.  All  other   files   in
16       /etc/audit/rules.d are ignored.
17
18       The  files  are concatenated in order, based on their natural sort (see
19       -v option of ls(1)) and stripped of empty and comment (#) lines.
20
21       The last processed -D directive  without  an  option,  if  present,  is
22       always  emitted  as the first line in the resultant file. Those with an
23       option are replicated in place.  The last processed  -b  directive,  if
24       present,  is  always  emitted as the second line in the resultant file.
25       The last processed -f directive, if present, is always emitted  as  the
26       third  line in the resultant file.  The last processed -e directive, if
27       present, is always emitted as the last line in the resultant file.
28
29       The generated file is only copied to /etc/audit/audit.rules, if it dif‐
30       fers.
31

OPTIONS

33       --check
34              test if rules have changed and need updating without overwriting
35              audit.rules.
36
37       --load load old or newly built rules into the kernel.
38
39

FILES

41       /etc/audit/rules.d/ /etc/audit/audit.rules
42

SEE ALSO

44       audit.rules(8), auditctl(8), auditd(8).
45
46
47
48Red Hat                            Apr 2013                     AUGENRULES:(8)
Impressum