# /etc/libaudit.conf # This config file controls the behavior of applications that link against # libaudit with the intent of publishing audit events. If an application is # ever unable to publish one of these events this setting controls the behavior # of the application. 'terminate' is the safest, immediately killing the # process that was unable to register its audit event. failure_action = terminate