Rational behind RefuseManualStop=yes in auditd.service
Tony Jones
tonyj at suse.de
Wed Dec 18 21:07:21 UTC 2013
On 12/18/2013 12:38 PM, Eric Paris wrote:
> He made the change in the upstream repo, because that's what you need
> for certification purposes. Personally, I hate it, cause i don't give a
> hoot about that and would rather things to be consistent, but that's the
> rational. A certifiable audit needs what he has in the repo. If we
> ever get all of the credential data available to systemd it can be
> reverted...
This doesn't really make a lot of sense as a certifiable audit presumably also needs the local Fedora specific changes to systemd, which are not in the upstream systemd repo. So I'd have thought the Fedora specific audit package was a perfectly suitable location for the audit changes rather than the main audit svn repo.
Anyhow, it is what it is. We patched the changes out in our repo.
Tony
More information about the Linux-audit
mailing list