t Specifies that the audit system should terminate. s Specifies that the audit system should synchronize its con-įiguration from the audit control file. Also, audit log files that meet the expirationĬriteria specified in the audit control file will be removed. Rotate to a new log file in a location specified in the auditĬontrol file. n Forces the audit system to close the existing audit log file and Mac OS X only and requires auditd(8) to be configured to run That meet the expiration criteria specified in the audit control One of theįollowing flags is required as an argument to audit: -e Forces the audit system to immediately remove audit log files ![]() The audit utility controls the state of the audit system. If you can get a shell will show you where you need to go You have enabled auditing somewhere along the line, being a wise person, but you have not trimmed the file, being a human, like I. Thanks for any advice / tips in advance! - Larry I've got all manner of good backups (CCL, Time Machine, Dropbox) – so I'm not as worried about data loss as I am jsut anxious to get my system back (everything working normal except disk space issued.booted from external drive and deleted 5GB to make some breathing room). I know there is various Unix core stuff in /private, but that is about the limit of my knowledge there. Question is => is it safe top delete /private/var/audit/20110423020458.crash_recovery ? Only reason I eventually found the file at all is that it showed up in DaisyDisk (it didn't in other mappers). Finally went to SnowLeopard Cache Cleaner and Applejack deep cleaning. ![]() Running most all the cache cleaning scripts. I've tried running daily/weekly/monthly via Onyx. Took me all day, but finally found a file in /private/var/audit/ called "20110423020458.crash_recovery" that is 126.61GBytes! 50% free space last night, was totally out of disk space! Woke up this morning any my 250GB, which had approx.
0 Comments
Leave a Reply. |