This change allows the audit subsystem to configure a set of audit event number <-> name mappings earlier in boot, using a copy of /etc/security/audit_event preloaded by the boot loader. This means that dtaudit can initialise a complete set of audit-related probes at audit initialisation time, rather than waiting until auditd(8) has started well into the multiuser boot. When auditd(8) does start, it can update the mappings. To enable this feature, put 'audit_event_load="YES"' in loader.conf. (Note that once this change is applied, /etc/defaults/loader.conf must also be updated, requiring an install world, not just an install kernel).
This change allows the audit subsystem to configure a set of audit event number <-> name mappings earlier in boot, using a copy of /etc/security/audit_event preloaded by the boot loader. This means that dtaudit can initialise a complete set of audit-related probes at audit initialisation time, rather than waiting until auditd(8) has started well into the multiuser boot. When auditd(8) does start, it can update the mappings. To enable this feature, put 'audit_event_load="YES"' in loader.conf. (Note that once this change is applied, /etc/defaults/loader.conf must also be updated, requiring an install world, not just an install kernel).