[RFC PATCH 2/5] audit: initialize the audit subsystem as early as possible

Richard Guy Briggs rgb at redhat.com
Sat Sep 2 06:09:57 UTC 2017 

On 2017-09-01 09:44, Paul Moore wrote:
> From: Paul Moore <paul at paul-moore.com>
> 
> We can't initialize the audit subsystem until after the network layer
> is initialized (core_initcall), but do it soon after.

I had run into a similar problem when trying to log the creation of
initial namespaces and had to move this around in V4 to V7 of the
namespace ID and namespace serial number patchsets:

2014-08-20 21:09 To linux-audit at redha (  26) ├─>[PATCH V4 8/8] audit: initialize at subsystem time rather than device time
https://www.redhat.com/archives/linux-audit/2014-August/msg00044.html
2014-10-06 01:08 To linux-audit at redha (3.0K) ├─>[PATCH V5 05/13] audit: initialize at subsystem time rather than device time
https://www.redhat.com/archives/linux-audit/2014-October/msg00035.html
2015-04-17 03:35 To containers at lists. (3.0K) ├─>[PATCH V6 04/10] audit: initialize at subsystem time rather than device time
https://www.redhat.com/archives/linux-audit/2015-April/msg00018.html
2015-05-12 16:02 To linux-audit at redha (3.0K) ├─>[PATCH V7 05/10] audit: initialize at subsystem time rather than device time
https://www.redhat.com/archives/linux-audit/2015-May/msg00023.html

> Signed-off-by: Paul Moore <paul at paul-moore.com>

Reviewed-by: Richard Guy Briggs <rgb at redhat.com>

> ---
>  kernel/audit.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/audit.c b/kernel/audit.c
> index 33b00ec2157f..de8a9b8465ae 100644
> --- a/kernel/audit.c
> +++ b/kernel/audit.c
> @@ -1561,7 +1561,7 @@ static int __init audit_init(void)
>  
>  	return 0;
>  }
> -__initcall(audit_init);
> +postcore_initcall(audit_init);
>  
>  /* Process kernel command-line parameter at boot time.  audit=0 or audit=1. */
>  static int __init audit_enable(char *str)
> 
> --
> Linux-audit mailing list
> Linux-audit at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit

- RGB

--
Richard Guy Briggs <rgb at redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635

More information about the Linux-audit mailing list