Hi team,

I was working on leveraging the libaudit shared library to generate audit 
events from a user space daemon. I have been using the audit_open as well as 
audit_log_acct_message() API’s to send message to the kernel audit subsystem. 
From the man pages I understand that every message to the kernel audit 
subsystem would get an ACK back. Now my question is does the daemon[single 
threaded] consuming this libaudit for sending events using  
audit_log_acct_message() API be blocked until it gets an ACK back from the 
kernel ?



If yes , is there a way to not have the application blocked during this period ?





Thanks,

Manoj

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit

Reply via email to