Am 28.03.2014 06:25, schrieb Connor Behan: > On 27/03/14 08:24 AM, tho...@archlinux.org wrote: >> Am 27.03.2014 09:52, schrieb Connor Behan: >>> On 27/03/14 01:07 AM, tho...@archlinux.org wrote: >>>> Am 26.03.2014 20:08, schrieb Dave Reisner: >>>>> Looks like audit is still built into our kernel. Wasn't this meant to be >>>>> reverted as well? >>>> Forgot about that. That was pulled in by AppArmor or so. >>> Wasn't it pulled in by http://bugs.archlinux.org/task/12584 and the fact >>> that community/audit came out shortly after? >> No, it was pulled in accidentally as a dependency of AppArmor. > I doubt that. AppArmor was enabled a year and a half after audit was. > > https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/kernel26&id=e46bc1d41848b258a138df26590967dc1e0a3417 > > https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/kernel26&id=688e0f7508fa943868470e9d6c0dcb12823b06f0
Yeah, that was incorrect in my memory. It was actually SELinux that pulled it in. >> If we actually want audit, we should support it as well. Our systemd >> package is compiled with -AUDIT for example. >> >> Since audit is one of those "enabled unless the user intervenes" option >> that also does annoying things, I would like to get rid of it in our kernel. > It is supported if you count [community] packages. I'll ask on the LKML > if anything can be done about the logging. It's not about logging, it's about being enabled by default when it is supported by the kernel. There's no "disable audit by default" switch.
signature.asc
Description: OpenPGP digital signature
