[arch-dev-public] Trimming down our default kernel configuration

Thomas Bächler thomas at archlinux.org
Fri Mar 28 02:38:10 EDT 2014

Am 28.03.2014 06:25, schrieb Connor Behan:
> On 27/03/14 08:24 AM, thomas at archlinux.org wrote:
>> Am 27.03.2014 09:52, schrieb Connor Behan:
>>> On 27/03/14 01:07 AM, thomas at archlinux.org wrote:
>>>> Am 26.03.2014 20:08, schrieb Dave Reisner:
>>>>> Looks like audit is still built into our kernel. Wasn't this meant to be
>>>>> reverted as well?
>>>> Forgot about that. That was pulled in by AppArmor or so.
>>> Wasn't it pulled in by http://bugs.archlinux.org/task/12584 and the fact
>>> that community/audit came out shortly after?
>> No, it was pulled in accidentally as a dependency of AppArmor.
> I doubt that. AppArmor was enabled a year and a half after audit was.
> https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/kernel26&id=e46bc1d41848b258a138df26590967dc1e0a3417
> https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/kernel26&id=688e0f7508fa943868470e9d6c0dcb12823b06f0

Yeah, that was incorrect in my memory. It was actually SELinux that
pulled it in.

>> If we actually want audit, we should support it as well. Our systemd
>> package is compiled with -AUDIT for example.
>> Since audit is one of those "enabled unless the user intervenes" option
>> that also does annoying things, I would like to get rid of it in our kernel.
> It is supported if you count [community] packages. I'll ask on the LKML
> if anything can be done about the logging.

It's not about logging, it's about being enabled by default when it is
supported by the kernel. There's no "disable audit by default" switch.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20140328/50c8751b/attachment-0001.asc>

More information about the arch-dev-public mailing list