diff --git a/en_US.ISO8859-1/books/handbook/audit/chapter.sgml b/en_US.ISO8859-1/books/handbook/audit/chapter.sgml
index fcf2b7f815..bcfbd8febf 100644
--- a/en_US.ISO8859-1/books/handbook/audit/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/audit/chapter.sgml
@@ -42,9 +42,9 @@ requirements. -->
security-relevant system events, including logins, configuration
changes, and file and network access. These log records can be
invaluable for live system monitoring, intrusion detection, and
- postmortem analysis. &os; implements Sun's published
+ postmortem analysis. &os; implements &sun;'s published
BSM API and file format, and is interoperable with
- both Sun's Solaris and Apple's Mac OS X audit implementations.
+ both &sun;'s &solaris; and &apple;'s &macos; X audit implementations.
This chapter focuses on the installation and configuration of
Event Auditing. It explains audit policies, and provides an example
@@ -566,7 +566,7 @@ return,success,0
trailer,133
This audit represents a successful execve
- call, in which the command "finger doug" has been run. The
+ call, in which the command finger doug has been run. The
arguments token contains both the processed command line presented
by the shell to the kernel. The path token holds the path to the
executable as looked up by the kernel. The attribute token
@@ -595,16 +595,16 @@ trailer,133
This will select all audit records produced for the user
trhodes stored in the
- AUDITFILE file.
+ AUDITFILE file.
Delegating Audit Review Rights
- Members of the audit group are given
+ Members of the audit group are given
permission to read audit trails in /var/audit;
- by default, this group is empty, so only the root user may read
- audit trails. Users may be added to the audit
+ by default, this group is empty, so only the root user may read
+ audit trails. Users may be added to the audit
group in order to delegate audit review rights to the user. As
the ability to track audit log contents provides significant insight
into the behavior of users and processes, it is recommended that the
@@ -626,8 +626,8 @@ trailer,133
&prompt.root; praudit /dev/auditpipe
By default, audit pipe device nodes are accessible only to the
- root user. To make them accessible to the members of the
- audit group, add a devfs rule
+ root user. To make them accessible to the members of the
+ audit group, add a devfs rule
to devfs.rules:
add path 'auditpipe*' mode 0440 group audit
@@ -651,7 +651,7 @@ trailer,133
Rotating Audit Trail Files
Audit trails are written to only by the kernel, and managed only
- by the audit daemon, auditd. Administrators
+ by the audit daemon, auditd. Administrators
should not attempt to use &man.newsyslog.conf.5; or other tools to
directly rotate audit logs. Instead, the audit
management tool may be used to shut down auditing, reconfigure the
@@ -664,7 +664,7 @@ trailer,133
&prompt.root; audit -n
- If the auditd daemon is not currently
+ If the auditd daemon is not currently
running, this command will fail and an error message will be
produced.