Fact checking

Posted Jun 4, 2014 4:24 UTC (Wed) by dirtyepic (guest, #30178)
In reply to: Fact checking by zdzichu
Parent article: Who audits the audit code?

I can't argue that, but it's disappointing. Systemd isn't really an option here (in fact it's proven impossible for us to make any kind of big change - we're still on cvs FFS).

Fact checking

Posted Jun 14, 2014 9:19 UTC (Sat) by Duncan (guest, #6647) [Link] (2 responses)

Systemd requires it too (or at least gentoo's systemd ebuild checks for it and warns if the thing isn't enabled), probably for exactly the same thing consolekit uses it for, if not more.

But no sign of kauditd. I might just try disabling CONFIG_AUDIT or at least CONFIG_AUDITSYSCALL next time I do a kernel build and see if systemd can run properly with it disabled. I've wondered why I actually needed it ever since I first enabled it. At least that way if I have to actually reenable it, I'll know exactly what I was unbreaking by doing so.

Fact checking

Posted Jun 14, 2014 13:56 UTC (Sat) by Duncan (guest, #6647) [Link] (1 responses)

Well, whatever systemd "requires" CONFIG_AUDIT for, doesn't seem to affect me turning it off. I rebuild without it, rebooted, logged in, started X... launched a terminal window and zgrepped /proc/config.gz for CONFIG_AUDIT to verify I hadn't somehow booted the old kernel... Loaded up firefox and LWN again to write this update...

Still don't know what systemd "requires" it for, but it's off now and doesn't seem to hurt me, so... I'm leaving it off.

Fact checking

Posted Jun 16, 2014 11:13 UTC (Mon) by cortana (subscriber, #24596) [Link]

It's funny because systemd's README explicitly instructs users who want to run systemd inside a container to disable the audit subsystem.