Failed to start Security Auditing Service with an error "Illegal option email for disk_error_action"

Solution Verified - Updated -

Issue

  • Status of the auditd service is as below.
[root@Rhel8 ~]# systemctl status auditd.service
● auditd.service - Security Auditing Service
   Loaded: loaded (/usr/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2021-04-08 15:27:39 CEST; 49s ago
     Docs: man:auditd(8)
           https://github.com/linux-audit/audit-documentation
  Process: 1101 ExecStart=/sbin/auditd (code=exited, status=6)

Apr 08 15:27:39 Rhel8 systemd[1]: Starting Security Auditing Service...
Apr 08 15:27:39 Rhel8 auditd[1101]: Illegal option email for disk_error_action - line 25  
Apr 08 15:27:39 Rhel8 auditd[1101]: The audit daemon is exiting.
Apr 08 15:27:39 Rhel8 systemd[1]: auditd.service: Control process exited, code=exited status=6
Apr 08 15:27:39 Rhel8 systemd[1]: auditd.service: Failed with result 'exit-code'.
Apr 08 15:27:39 Rhel8 systemd[1]: Failed to start Security Auditing Service.

Environment

  • Red Hat Enterprise Linux (RHEL)
  • auditd

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content