Solaris 9: Hard limit exceeded

From: Hardison Leif (Leif.Hardison_at_comverse.com)
Date: 11/05/05

  • Next message: Vijay Srinivasan: "Problems booting from cdrom/disk with my SunFire V100 sparc server ..."
    Date: Sat, 5 Nov 2005 02:33:59 -0500
    To: <sunmanagers@sunmanagers.org>
    
    

    Hi,

    I'm having some difficulty determing why audit_warn.sh is triggering
    hard limit warnings to daemon.alert.

    bash-2.05# more /etc/security/audit_control
    dir:/var/log/auditlog
    flags: lo,ad,ex,fm,-fw,-fc,-fd,na
    naflags: lo,ad,ex,fm,-fw,-fc,-fd
    minfree:20
    /usr/sbin/auditconfig -setpolicy -cnt,argv,arge
    # location for log overflow
    dir:/opt/log/auditlog

    None of my mounted filesystems are above even near being at capacity

    bash-2.05# df -k
    Filesystem kbytes used avail capacity Mounted on
    /dev/dsk/c1t1d0s0 60965916 9212604 51143653 16% /
    /proc 0 0 0 0% /proc
    mnttab 0 0 0 0% /etc/mnttab
    fd 0 0 0 0% /dev/fd
    swap 9781984 32 9781952 1% /var/run
    swap 9805104 23152 9781952 1% /tmp
    /dev/dsk/c1t1d0s5 957783 1041 899276 1% /globaldevices

    I have no disk quotas enabled.

    BSM is enabled and I'm running Solaris 9 4/4 with some but not all
    patches currently installed.

    I've read the majority of the audit related man pages and took the basis
    of my solaris 9 hardening from the NSA Solaris 9 guidelines.

    Recommendations on where to go next would be appreciated.

    Regards,

    Leif
    _______________________________________________
    sunmanagers mailing list
    sunmanagers@sunmanagers.org
    http://www.sunmanagers.org/mailman/listinfo/sunmanagers


  • Next message: Vijay Srinivasan: "Problems booting from cdrom/disk with my SunFire V100 sparc server ..."