diff -urp upstart-0.3.9.orig/compat/sysv/reboot.c upstart-0.3.9/compat/sysv/reboot.c
--- upstart-0.3.9.orig/compat/sysv/reboot.c	2008-11-03 12:29:30.000000000 -0500
+++ upstart-0.3.9/compat/sysv/reboot.c	2008-11-05 08:16:22.000000000 -0500
@@ -37,6 +37,9 @@
 #include <string.h>
 #include <unistd.h>
 #include <utmp.h>
+#if 1 /* HAVE_LIBAUDIT */
+#include <libaudit.h>
+#endif
 
 #include <linux/if.h>
 #include <linux/hdreg.h>
@@ -87,6 +90,7 @@ enum {
 /* Prototypes for static functions */
 static void down_drives     (void);
 static void down_interfaces (void);
+static void send_audit_event(void);
 
 
 /**
@@ -277,6 +281,7 @@ main (int   argc,
 	 */
 	reboot (RB_ENABLE_CAD);
 	kill (1, SIGTSTP);
+	send_audit_event ();
 
 	/* Sync the disks */
 	chdir ("/");
@@ -315,6 +320,23 @@ main (int   argc,
 	return 0;
 }
 
+/**
+ * send_audit_event
+ *
+ * Send system shutdown audit event
+ **/
+static void
+send_audit_event (void)
+{
+#if 1 /* HAVE_LIBAUDIT */
+        int fd = audit_open ();
+        if (fd < 0)
+                return;
+        audit_log_user_message (fd, AUDIT_SYSTEM_SHUTDOWN, "init",
+                NULL, NULL, NULL, 1);
+        close (fd);
+#endif
+}
 
 /**
  * down_drives:
diff -urp upstart-0.3.9.orig/compat/sysv/runlevel.c upstart-0.3.9/compat/sysv/runlevel.c
--- upstart-0.3.9.orig/compat/sysv/runlevel.c	2008-11-03 12:29:30.000000000 -0500
+++ upstart-0.3.9/compat/sysv/runlevel.c	2008-11-05 08:22:17.000000000 -0500
@@ -33,6 +33,9 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#if 1 /* HAVE_LIBAUDIT */
+#include <libaudit.h>
+#endif
 
 #include <nih/macros.h>
 #include <nih/alloc.h>
@@ -44,6 +47,7 @@
 
 /* Prototypes for static functions */
 static void store (short type, pid_t pid, const char *user);
+static void send_audit_event (int old, int level);
 
 
 /**
@@ -109,6 +113,7 @@ main (int   argc,
 	/* Store the reboot time? */
 	if (reboot) {
 		store (BOOT_TIME, 0, "reboot");
+		send_audit_event (0, 0);
 		exit (0);
 	}
 
@@ -143,6 +148,7 @@ main (int   argc,
 		prev = cur;
 		if (! prev)
 			prev = 'N';
+		send_audit_event (prev, set[0]);
 
 		cur = set[0];
 	}
@@ -203,3 +209,35 @@ store (short       type,
 	/* Write wtmp entry */
 	updwtmp (WTMP_FILE, &utmp);
 }
+
+/**
+ * send_audit_event
+ * @old: current run level
+ * @level: new run level
+ *
+ * Send system runlevel change audit event. If level is 0, then 
+ * we consider this to be a reboot event.
+ **/
+static void
+send_audit_event (int old, int level)
+{
+#if 1 /* HAVE_LIBAUDIT */
+        int fd = audit_open ();
+
+        if (fd < 0)
+                return;
+
+	if (level) {
+		char buf[64];
+
+	        snprintf (buf, sizeof (buf),
+			"old-level=%c new-level=%c", old, level);
+        	audit_log_user_message (fd, AUDIT_SYSTEM_RUNLEVEL, buf,
+                	NULL, NULL, NULL, 1);
+	} else
+        	audit_log_user_message (fd, AUDIT_SYSTEM_BOOT, "init",
+                	NULL, NULL, NULL, 1);
+        close (fd);
+#endif
+}
+
diff -urp upstart-0.3.9.orig/compat/sysv/shutdown.c upstart-0.3.9/compat/sysv/shutdown.c
--- upstart-0.3.9.orig/compat/sysv/shutdown.c	2008-11-03 12:29:30.000000000 -0500
+++ upstart-0.3.9/compat/sysv/shutdown.c	2008-11-05 08:16:22.000000000 -0500
@@ -38,6 +38,9 @@
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
+#if 1 /* HAVE_LIBAUDIT */
+#include <libaudit.h>
+#endif
 
 #include <nih/macros.h>
 #include <nih/alloc.h>
@@ -452,6 +455,23 @@ runlevel_setter (NihOption  *option,
 	return 0;
 }
 
+/**
+ * send_audit_event
+ *
+ * Send system shutdown audit event
+ **/
+static void
+send_audit_event (void)
+{
+#if 1 /* HAVE_LIBAUDIT */
+	int fd = audit_open ();
+	if (fd < 0)
+		return;
+	audit_log_user_message (fd, AUDIT_SYSTEM_SHUTDOWN, "init",
+		NULL, NULL, NULL, 1);
+	close (fd);
+#endif
+}
 
 /**
  * shutdown_now:
@@ -496,6 +516,7 @@ shutdown_now (void)
 	NIH_MUST (message = upstart_message_new (NULL, UPSTART_INIT_DAEMON,
 						 UPSTART_EVENT_EMIT,
 						 "runlevel", args, env));
+	send_audit_event ();
 
 	/* Send the message */
 	if (nih_io_message_send (message, sock) < 0) {
@@ -513,7 +534,6 @@ shutdown_now (void)
 		nih_fatal (_("Unable to send message: %s"), err->message);
 		exit (1);
 	}
-
 	unlink (ETC_NOLOGIN);
 	nih_main_unlink_pidfile ();
 
diff -up upstart-0.3.9/compat/sysv/Makefile.in.foo upstart-0.3.9/compat/sysv/Makefile.in
--- upstart-0.3.9/compat/sysv/Makefile.in.foo	2009-04-27 15:53:35.000000000 -0400
+++ upstart-0.3.9/compat/sysv/Makefile.in	2009-04-27 15:53:55.000000000 -0400
@@ -280,13 +280,13 @@ EXTRA_DIST = $(manpages)
 @COMPAT_SYSV_TRUE@man_MANS = $(manpages)
 reboot_SOURCES = reboot.c
 reboot_LDFLAGS = -static
-reboot_LDADD = ../../upstart/libupstart.la ../../nih/libnih.la $(LTLIBINTL)
+reboot_LDADD = ../../upstart/libupstart.la ../../nih/libnih.la $(LTLIBINTL) -laudit
 runlevel_SOURCES = runlevel.c
 runlevel_LDFLAGS = -static
-runlevel_LDADD = ../../nih/libnih.la $(LTLIBINTL)
+runlevel_LDADD = ../../nih/libnih.la $(LTLIBINTL) -laudit
 shutdown_SOURCES = shutdown.c
 shutdown_LDFLAGS = -static
-shutdown_LDADD = ../../upstart/libupstart.la ../../nih/libnih.la $(LTLIBINTL)
+shutdown_LDADD = ../../upstart/libupstart.la ../../nih/libnih.la $(LTLIBINTL) -laudit
 telinit_SOURCES = telinit.c
 telinit_LDFLAGS = -static
 telinit_LDADD = ../../upstart/libupstart.la ../../nih/libnih.la $(LTLIBINTL)