Based on feedbacks I received from other forums this is what I did -
This is what the diff produced -
Code:
prapb241[/etc/security/audit] # diff objects.prapb242 objects.prapb241
24c24
< /etc/hosts.allow:
---
> /etc/hosts.allow :
27c27
< /etc/hosts.deny:
---
> /etc/hosts.deny :
The only thing I could find is the difference in the 'space' before the ':' -
Code:
prapb241[/etc/security/audit] # grep /etc/hosts objects.prapb241
/etc/hosts.allow :
/etc/hosts.deny :
prapb241[/etc/security/audit] # grep /etc/hosts objects.prapb242
/etc/hosts.allow:
/etc/hosts.deny:
So I copied the object file from the working node 'prapb241' to 'prapb242' -
Code:
prapb241[/etc/security/audit] # scp objects.prapb241 prapb242_mgmt:$PWD
objects.prapb241
Renamed the 'objects.prapb241' file on node 2 as -
Code:
prapb242[/etc/security/audit] # mv objects.prapb241 objects
Restarted the 'audit' service -
Code:
prapb242[/etc/security/audit] # audit shutdown
auditing reset
prapb242[/etc/security/audit] # audit start
** failed setting kernel audit objects
Still fails.
As per another suggestion this is what I did -
Did a check for the existence/absence of 'hosts' files on both the nodes -
Code:
prapb241[/etc/security/audit] # cat objects | grep /etc | cut -f1 -d: | while read x^Jdo^Jls -ltr $x^Jdone
-rw-r----- 1 root security 60 May 07 2007 /etc/security/environ
-rw-r----- 1 root security 673 Mar 30 2010 /etc/security/group
-rw-r----- 1 root security 1879 Aug 03 2010 /etc/security/limits
-rw-rw---- 1 root security 4969 Jul 13 2010 /etc/security/login.cfg
-rw------- 1 root security 2616 Jan 23 13:39 /etc/security/passwd
-rw-r----- 1 root security 15527 Jan 23 13:33 /etc/security/user
-rw-r----- 1 root audit 3479 Jan 31 15:06 /etc/security/audit/config
-rw-r--r-- 1 root system 662 Apr 28 2008 /etc/hosts.allow
-rw-r--r-- 1 root system 126 Apr 28 2008 /etc/hosts.deny
prapb242[/etc/security/audit] # cat objects | grep /etc | cut -f1 -d: | while read x^Jdo^Jls -ltr $x^Jdone
-rw-r----- 1 root security 60 May 07 2007 /etc/security/environ
-rw-r----- 1 root security 673 Mar 30 2010 /etc/security/group
-rw-r----- 1 root security 1861 Aug 03 2010 /etc/security/limits
-rw-rw---- 1 root security 4976 Jul 13 2010 /etc/security/login.cfg
-rw------- 1 root security 2928 Jan 25 11:21 /etc/security/passwd
-rw-r----- 1 root security 15063 Jan 25 11:21 /etc/security/user
-rw-r----- 1 root audit 3479 Jan 31 16:17 /etc/security/audit/config
-rw-r--r-- 1 root system 662 Apr 28 2008 /etc/hosts.allow
-rw-r--r-- 1 root system 126 Apr 28 2008 /etc/hosts.deny
Nothing missing there either!