The default file for krb5_key_file is missing from the auditd.conf(5) manual

The default file for krb5_key_file is missing from the auditd.conf(5) manual

[Mateusz Piotrowski]

Hello,

See this line[1]. It lacks the name of the default file.

As I don't know what the default file is I cannot submit a patch.  Hopefully, 
someone else can fix this file.

Cheers!

-Mateusz

[1]: https://github.com/linux-audit/audit-userspace/blob/master/docs/auditd.conf.5#L291

Re: The default file for krb5_key_file is missing from the auditd.conf(5) manual

[Mateusz Piotrowski]

Hello,

On 21 Aug 2016, at 21:00, Mateusz Piotrowski <0mp@freebsd.org> wrote:
> See this line[1]. It lacks the name of the default file.
> 
> [1]: https://github.com/linux-audit/audit-userspace/blob/master/docs/auditd.conf.5#L291

I was able to fix this man page. Here's the patch:

>From e0650ae46d13ea9e588d2552c83513c554cf52dd Mon Sep 17 00:00:00 2001
From: Mateusz Piotrowski <mpp302@gmail.com>
Date: Sun, 21 Aug 2016 21:42:00 +0200
Subject: [PATCH] Fix auditd man page.

Related to this email: [The default file for krb5_key_file is missing
from the auditd.conf(5) manual][1]

[1]: https://www.redhat.com/archives/linux-audit/2016-August/msg00056.html.
---
 docs/auditd.conf.5 | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/docs/auditd.conf.5 b/docs/auditd.conf.5
index 026a58d..1546b34 100644
--- a/docs/auditd.conf.5
+++ b/docs/auditd.conf.5
@@ -29,7 +29,7 @@ The log format describes how the information should be stored on disk. There are
 the audit records will be stored in a format exactly as the kernel sends it. The
 .IR ENRICHED
 option will resolve all uid, gid, syscall, architecture, and socket address information before writing the event to disk. This aids in making sense of events created on one system but reported/analized on another system.
-The 
+The
 .I NOLOG
 option is now deprecated. If you were setting this format, now you should set
 the write_logs option to no.
@@ -256,7 +256,7 @@ events. In this case you would increase the number only large enough to let it
 in too.
 .TP
 .I use_libwrap
-This setting determines whether or not to use tcp_wrappers to discern connection attempts that are from allowed machines. Legal values are either 
+This setting determines whether or not to use tcp_wrappers to discern connection attempts that are from allowed machines. Legal values are either
 .IR yes ", or " no "
 The default value is yes.
 .TP
@@ -288,12 +288,11 @@ server's host, as returned by a DNS lookup of its IP address.
 .I krb5_key_file
 Location of the key for this client's principal.
 Note that the key file must be owned by root and mode 0400.
-The default is
+The default is \fI/etc/audit/audit.key\fP.
 .TP
 .I distribute_network
 If set to "yes", network originating events will be distributed to the audit
 dispatcher for processing. The default is "no".
-.I /etc/audit/audit.key
 
 .SH NOTES
 In a CAPP environment, the audit trail is considered so important that access to system resources must be denied if an audit trail cannot be created. In this environment, it would be suggested that /var/log/audit be on its own partition. This is to ensure that space detection is accurate and that no other process comes along and consumes part of it.
-- 
2.9.2

Re: The default file for krb5_key_file is missing from the auditd.conf(5) manual

[Steve Grubb]

On Sunday, August 21, 2016 9:00:31 PM EDT Mateusz Piotrowski wrote:
> Hello,
> 
> See this line[1]. It lacks the name of the default file.
> 
> As I don't know what the default file is I cannot submit a patch. 
> Hopefully, someone else can fix this file.

I forgot to reply but this was fixed in the latest release. Looks like a copy 
and paste hit the wrong line. Thanks for pointing this out.

-Steve