[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rhgb no more

On Tuesday 13 May 2008 13:07:51 Ray Strode wrote:
> The replacement for rhgb will be a mixture of two things:
> 1) Starting gdm as early as possible and fitting it to give boot
> progress before asking for login.

Please note that the audit daemon needs to start before any daemon if you want 
it to work right. There's a couple reasons, one being that it enables the 
audit system and without that, any process running before the audit daemon is 
not auditable - ever. The work around is to add audit=1 to grub.conf, but 
then you get a performance hit for everyone.

The second reason is that any audit event that occurs before the audit daemon 
runs could be lost. There may be AVCs on boot that you want or something else 
important that you wanted to capture.

I guess the message is without coordination, some of our security features may 
not be working right unless consideration is given to their needs.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]