V-38438: Auditing must be enabled at boot by setting a kernel parameter.
------------------------------------------------------------------------

Each process on the system carries an "auditable" flag which indicates whether
its activities can be audited. Although "auditd" takes care of enabling this
for all processes which launch after it does, adding the kernel argument
ensures it is set for every process during boot.

Details: `V-38438 in STIG Viewer`_.

.. _V-38438 in STIG Viewer: https://www.stigviewer.com/stig/red_hat_enterprise_linux_6/2015-05-26/finding/V-38438

Notes for deployers
~~~~~~~~~~~~~~~~~~~

.. include:: developer-notes/V-38438.rst