A.18 LAF Audit Log Messages Commands (Linux)

Use the NSS audit log messages commands to enable or disable messages via Lightweight Auditing Framework (LAF) for NSS trustee changes for NSS volumes on OES 2 Linux. When it is enabled, NSS reports changes for the following subset of NSS events:

The messages are stored in the/var/log/audit/audit.log file. For information about the content and format of messages in the log, see Section 22.4.1, Understanding NSS Audit Log Messages.

nss /(No)LAFAuditTrustee=volumename

Enable or disable the generation of audit messages via Lightweight Auditing Framework for NSS trustee changes for NSS volumes on OES 2 Linux.

After you enable the audit log messages, the setting persists until the server reboot. After a server reboot, the audit log is disabled again by default. To make the command persist across reboots, add it to the /etc/opt/novell/nss/nssstart.cfg file.

To have the setting persist across reboots, add it to the /etc/opt/novell/nss/nssstart.cfg file.

Default: Off (disabled)

Values: On or Off

Examples

To enable NSS audit messages, enter the following at the nsscon prompt:

nss /LAFAuditTrustee=volumename

To disable NSS audit messages, enter the following at the nsscon prompt:

nss /NoLAFAuditTrustee=volumename