I am running RHEL7, and my audit log partition randomly (not often, but often enough to annoy me) gets corrupted, preventing me from booting. How can I either prevent the partition from being corrupted, or ignore it and allow the system to continue to boot? "Sledgehammer" answers are acceptable.
Whenever the system becomes corrupted, I run a umount
, followed by a xfs_repair -L
, followed by a mount
. This temporarily fixes the issue until the next time it gets corrupted.
- Will disabling auditing via
auditd -e 2
orsystemctl disable auditd
solve this issue? - Is there a way to continue to boot (ignore the partition) if audit log partition is corrupted?
- Can I just delete the partition, if I also disable auditing?
- Can I put the partition in read-only mode?
- Can I automatically detect a corrupted partition and repair it on boot? This answer seems to indicate I can have xfs_repair run on boot, but I'm not fully following the answer.