On 07/30/2013 01:25 PM, Steve Grubb wrote: > On Tuesday, July 30, 2013 10:04:46 PM Laurent Bigonville wrote: >> Hi, >> >> I would like to know the rational behind RefuseManualStop=yes in >> auditd.service file. > > The short term "fix" is to force admins to use the service command which > loads > legacy helper scripts which are pulled from the old SysV init script. It > sends > signals in the user's context so that the auid is correct.
You mean this? https://lists.fedoraproject.org/pipermail/devel/2012-June/169411.html The problem is that (I believe) this feature isn't in upstream systemd, rather it's Fedora specific. > If you don't need to meet common criteria requirements, then patch it out so > its the way you like it. If I'm correct and the above is Fedora specific, I would have thought the better option was to not use such extensions in the audit svn codebase; rather patch them *in* via the Fedora rpms. Or make it configure tuneable. Tony -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
