6.5 Ensure the Audit Plugin Can't be Unloaded

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Set server_audit to FORCE_PLUS_PERMANENT


This disables unloading on the plugin.


If someone can unload the plugin it would be possible to perform actions on the database without audit events being logged to the audit log. If the audit log plugin can be unloaded the audit log can be temporarily or permanently disabled.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


To remediate this setting, follow these steps:

Open the MariaDB configuration file (mariadb.cnf)

Ensure the following line is found in the mariadbd section


See Also