41 lines
1.5 KiB
Diff
41 lines
1.5 KiB
Diff
|
From 593db1c78011ddce551051ce17eda6feac079b3d Mon Sep 17 00:00:00 2001
|
||
|
|
From: Mike Gilbert <floppym@gentoo.org>
|
||
|
|
Date: Fri, 21 Aug 2020 13:16:17 -0400
|
||
|
|
Subject: [PATCH] journald: do not change the kernel audit setting by default
|
||
|
|
|
||
|
|
Bug: https://bugs.gentoo.org/736910
|
||
|
|
---
|
||
|
|
man/journald.conf.xml | 2 +-
|
||
|
|
src/journal/journald-server.c | 2 +-
|
||
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/man/journald.conf.xml b/man/journald.conf.xml
|
||
|
|
index bfd359a903..7e93d4050e 100644
|
||
|
|
--- a/man/journald.conf.xml
|
||
|
|
+++ b/man/journald.conf.xml
|
||
|
|
@@ -411,7 +411,7 @@
|
||
|
|
<command>systemd-journald</command> collects generated audit records, it just controls whether it
|
||
|
|
tells the kernel to generate them. This means if another tool turns on auditing even if
|
||
|
|
<command>systemd-journald</command> left it off, it will still collect the generated
|
||
|
|
- messages. Defaults to on.</para></listitem>
|
||
|
|
+ messages.</para></listitem>
|
||
|
|
</varlistentry>
|
||
|
|
|
||
|
|
<varlistentry>
|
||
|
|
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
|
||
|
|
index 5865bf9809..163be685a8 100644
|
||
|
|
--- a/src/journal/journald-server.c
|
||
|
|
+++ b/src/journal/journald-server.c
|
||
|
|
@@ -2208,7 +2208,7 @@ int server_init(Server *s, const char *namespace) {
|
||
|
|
.compress.threshold_bytes = (uint64_t) -1,
|
||
|
|
.seal = true,
|
||
|
|
|
||
|
|
- .set_audit = true,
|
||
|
|
+ .set_audit = -1,
|
||
|
|
|
||
|
|
.watchdog_usec = USEC_INFINITY,
|
||
|
|
|
||
|
|
--
|
||
|
|
2.28.0
|
||
|
|
|