[arch-dev-public] perf-trace missing due to a dependency on libaudit
danielmicay at gmail.com
Wed May 7 10:11:52 EDT 2014
On 07/05/14 05:28 AM, Connor Behan wrote:
> On 07/05/14 01:07 AM, Daniel Micay wrote:
>> Sadly, the `perf trace` command has a dependency on libaudit for a few
>> convenience functions. I'm curious about what people feel the best
>> approach would be here... adding back audit to [community] is ugly since
>> it's not going to work, but building it and statically linking it in the
>> linux-tools package is overly complex.
>> The lesser evil seems to be adding only a libaudit package... but it's
>> still not going to work if someone tries to use it for what it's
>> intended to do. I'll probably go with this if there's no saner idea.
> Why not enable audit in your linux-grsec package? Then you can make
> linux-grsec an optional dependency of the audit userspace tools for
> people who want to use more than just the convenience functions. I still
> have an occasional use for audit and the overhead it adds to the kernel
> is negligible compared to grsecurity itself.
RBAC also allows quite a bit of auditing with the grsecurity audit
infrastructure. You can audit attempts to make use of a certain path,
capability, IP protocol, etc. Of course, this assumes you have a basic
working RBAC policy for tacking on allowed + audited policies or
disallowed + audited policies. So CONFIG_AUDIT=Y is a lot less useful.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: OpenPGP digital signature
More information about the arch-dev-public