diff -ur audit-1.0.1.orig/init.d/auditd.init audit-1.0.1/init.d/auditd.init
--- audit-1.0.1.orig/init.d/auditd.init 2005-08-20 14:27:25.000000000 -0400
+++ audit-1.0.1/init.d/auditd.init 2005-08-20 16:44:21.000000000 -0400
@@ -34,6 +34,17 @@
 test -x /sbin/auditd || exit 5
 test -f /etc/auditd.conf || exit 6
+# Check to see if we are using a kernel with known problems
+if [ -x /sbin/audit-version-test ] ; then
+ /sbin/audit-version-test
+ if [ $? -eq 0 -o $? -eq 255 ] ; then
+ msg="auditd command failed - a newer kernel is needed"
+ echo $msg
+ logger $msg
+ exit 1
+ fi
+fi
+
 RETVAL=0
 prog="auditd"
diff -ur audit-1.0.1.orig/lib/libaudit.c audit-1.0.1/lib/libaudit.c
--- audit-1.0.1.orig/lib/libaudit.c 2005-08-20 14:27:25.000000000 -0400
+++ audit-1.0.1/lib/libaudit.c 2005-08-20 16:45:18.000000000 -0400
@@ -33,6 +33,7 @@
 #include
 #include
 #include
+#include
 #define __USE_GNU
 #include /* O_NOFOLLOW needs gnu defined */
 #undef __USE_GNU
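Review bot: The status test in the added init-script block, `[ $? -eq 0 -o $? -eq 255 ]`, does not agree with the library check this patch adds to lib/libaudit.c, which rejects every status that is zero or negative when cast to `char`; where plain char is signed the two paths disagree for statuses 128 to 254. The helper's exit contract is not visible here and appears inverted from the usual convention (0 is treated as a bad kernel), so the block needs a comment stating it, for example `# audit-version-test exits 0 or 255 on a kernel with known problems` if that is the contract. Capturing the status once and quoting the message is more robust: `rc=$?`, `if [ "$rc" -eq 0 ] || [ "$rc" -eq 255 ] ; then`, and `echo "$msg"; logger "$msg"`. When the helper is missing or not executable the check is skipped without any log line, which the comment should also say if that is intended.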
@@ -66,11 +67,49 @@
 return rc;
 }
+/*
+ * This function is patched in only for ia64 machines. It checks to
+ * see if we are running on an old kernel. If so we abort execution.
+ */
+void audit_check_kernel_version(void)
+{
+ int status;
+ char *argv[2];
+ pid_t pid = fork();
+
+ switch (pid)
+ {
+ case -1: // error
+ audit_msg(LOG_ERR, "failed on fork (%s)\n",
+ strerror(errno));
+ exit(1);
+ break;
+ case 0: // child
+ argv[0] = strdup("/sbin/audit-version-test");
+ argv[1] = NULL;
+ execvp(argv[0], &argv[0]);
+ audit_msg(LOG_ERR, "Failed to exec %s\n", argv[0]);
+ exit(1);
+ break;
+ default: // parent
+ waitpid(pid, &status, 0);
+ if (WIFEXITED(status)) {
+ if ((char)WEXITSTATUS(status) <= 0) {
+ audit_msg(LOG_ERR,
+ "command failed - a newer kernel is needed\n");
+ exit(1);
+ }
+ }
+ break;
+ }
+}
+
 int audit_set_enabled(int fd, int enabled)
 {
 int rc;
 struct audit_status s;
+ audit_check_kernel_version();
 memset(&s, 0, sizeof(s));
 s.mask = AUDIT_STATUS_ENABLED;
 s.enabled = enabled;
diff -ur audit-1.0.1.orig/lib/libaudit.h audit-1.0.1/lib/libaudit.h
--- audit-1.0.1.orig/lib/libaudit.h 2005-08-20 14:27:25.000000000 -0400
+++ audit-1.0.1/lib/libaudit.h 2005-08-20 16:44:21.000000000 -0400
@@ -191,6 +191,7 @@
 /* AUDIT_GET */
 extern int audit_request_status(int fd);
+extern void audit_check_kernel_version(void);
 extern int audit_is_enabled(int fd);
 /* AUDIT_SET */
diff -ur audit-1.0.1.orig/src/auditd.c audit-1.0.1/src/auditd.c
--- audit-1.0.1.orig/src/auditd.c 2005-08-20 14:27:25.000000000 -0400
+++ audit-1.0.1/src/auditd.c 2005-08-20 16:45:41.000000000 -0400
@@ -200,6 +200,9 @@
 (void) umask( umask( 077 ) | 022 );
 }
+ /* See if we are running on a bad kernel */
+ audit_check_kernel_version();
+
 #ifndef DEBUG
 /* Make sure we are root */
 if (getuid() != 0) {
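Review bot: In the parent branch of audit_check_kernel_version() the return value of `waitpid()` is ignored, so when it fails (EINTR, or ECHILD if the caller reaps its own children) `status` is read uninitialized, and a helper that is killed by a signal falls through as if the kernel were fine. The check also passes when `execvp` fails, because the child then exits 1 and the parent accepts any positive status; whether a missing helper should pass is a policy choice the header comment should state. `(char)WEXITSTATUS(status) <= 0` additionally depends on plain char being signed, which `signed char` would make explicit. The child should leave with `_exit(1)` rather than `exit(1)` so it does not run the parent's atexit handlers or flush inherited stdio buffers, and the unchecked `strdup` is unnecessary. A sketch of the two rewritten branches follows; failing closed on abnormal termination is a suggestion to confirm against the intended policy.

```c
void audit_check_kernel_version(void)
{
	int status = 0;
	char *argv[] = { "/sbin/audit-version-test", NULL };
	pid_t pid = fork();
	pid_t rc;

	switch (pid)
	{
		/* … unchanged: case -1, fork failure is logged and exits … */
		case 0:	// child
			/* absolute path, so no PATH lookup is wanted */
			execv(argv[0], argv);
			audit_msg(LOG_ERR, "Failed to exec %s (%s)\n",
				argv[0], strerror(errno));
			_exit(1);
		default: // parent
			do {
				rc = waitpid(pid, &status, 0);
			} while (rc < 0 && errno == EINTR);
			if (rc < 0) {
				audit_msg(LOG_ERR, "waitpid failed (%s)\n",
					strerror(errno));
				exit(1);
			}
			if (!WIFEXITED(status)) {
				audit_msg(LOG_ERR,
					"kernel version test did not exit normally\n");
				exit(1);
			}
			if ((signed char)WEXITSTATUS(status) <= 0) {
				/* … unchanged: "a newer kernel is needed" message and exit(1) … */
			}
			break;
	}
}
```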
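Review bot: The new `audit_check_kernel_version()` prototype in lib/libaudit.h is exported without any comment, although the implementation added in lib/libaudit.c forks a helper and can call `exit(1)` on the caller's behalf, and this patch also invokes it from inside `audit_set_enabled()`. Users of the library need that side effect documented at the declaration, for example `/* Runs /sbin/audit-version-test; calls exit(1) if the kernel is reported as too old */`. The declaration also sits under the `/* AUDIT_GET */` group between two status functions although it is not a status request, so a heading of its own would read more clearly.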
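Review bot: The call added in src/auditd.c runs before the `getuid() != 0` test that follows it in the hunk, so an unprivileged invocation forks and executes the helper before it is told it must be root; placing `audit_check_kernel_version();` after the root check would report the clearer failure first. Because this patch also calls the same function inside `audit_set_enabled()`, the helper will presumably run again whenever the daemon enables auditing, so one of the two call sites may be redundant. The enclosing function starts and ends outside the hunk.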