如何在 CentOS 上安装 auditd？

如何在 CentOS 6.4 x64 上安装 auditd ？我想记录管理员运行的所有命令 记录管理员在生产服务器上运行的所有命令 编辑：我无法运行 aduditd 服务

我用这个教程 在此处输入链接描述

sudo yum install audit
sudo chkconfig auditd on

将以下两行添加到 /etc/audit/audit.rules

-a exit,always -F arch=b64 -F euid=0 -S execve
-a exit,always -F arch=b32 -F euid=0 -S execve

我运行了一些命令，但 /var/log/ 中没有用于登录的 auditd 目录

现在 auditd 不起作用，我无法运行服务。在消息日志中我收到此信息

Sep  7 18:05:40 vesoljedomen auditd[6777]: Started dispatcher: /sbin/audispd pid: 6779
Sep  7 18:05:40 vesoljedomen audispd: No plugins found, exiting
Sep  7 18:05:40 vesoljedomen auditd[6777]: Unable to set audit pid, exiting
Sep  7 18:05:40 vesoljedomen auditd: Cannot daemonize (Success)
Sep  7 18:05:40 vesoljedomen auditd: The audit daemon is exiting.
Sep  7 18:05:40 vesoljedomen auditd[6777]: The audit daemon is exiting.
Sep  7 18:05:47 vesoljedomen auditd[6791]: Started dispatcher: /sbin/audispd pid: 6793
Sep  7 18:05:47 vesoljedomen audispd: No plugins found, exiting
Sep  7 18:05:47 vesoljedomen auditd[6791]: Unable to set audit pid, exiting
Sep  7 18:05:47 vesoljedomen auditd: Cannot daemonize (Success)
Sep  7 18:05:47 vesoljedomen auditd: The audit daemon is exiting.
Sep  7 18:05:47 vesoljedomen auditd[6791]: The audit daemon is exiting.
Sep  7 18:06:01 vesoljedomen auditd[6924]: Started dispatcher: /sbin/audispd pid: 6926
Sep  7 18:06:01 vesoljedomen audispd: No plugins found, exiting
Sep  7 18:06:01 vesoljedomen auditd[6924]: Unable to set audit pid, exiting
Sep  7 18:06:01 vesoljedomen auditd: Cannot daemonize (Success)
Sep  7 18:06:01 vesoljedomen auditd: The audit daemon is exiting.
Sep  7 18:06:01 vesoljedomen auditd[6924]: The audit daemon is exiting.


-bash-4.1# -bash-4.1# chkconfig --list | grep auditd
-bash: -bash-4.1#: command not found
-bash-4.1# auditd          0:off   1:off   2:on    3:on    4:on    5:on    6:off
Usage: auditd [-f] [-l] [-n] [-s disable|enable|nochange]
-bash-4.1# -bash-4.1# service auditd status
-bash: -bash-4.1#: command not found
-bash-4.1# service auditd start
-bash-4.1# auditd is stopped