On Thu, Dec 3, 2020 at 9:47 PM Steve Grubb <sgr...@redhat.com> wrote: > On Thursday, December 3, 2020 9:16:52 PM EST Paul Moore wrote: > > > > > Author: Richard Guy Briggs <r...@redhat.com> > > > > > AuthorDate: 2014-11-17 15:51:01 -0500 > > > > > Commit: Paul Moore <pmo...@redhat.com> > > > > > CommitDate: 2014-11-17 16:53:51 -0500 > > > > > ("audit: convert status version to a feature bitmap") > > > > > It was introduced specifically to enable distributions to selectively > > > > > backport features. It was converted away from AUDIT_VERSION. > > > > > > > > > > There are other ways to detect the presence of > > > > > backlog_wait_time_actual > > > > > as I mentioned above. > > > > > > > > Let me be blunt - I honestly don't care what Steve's audit userspace > > > > does to detect this. I've got my own opinion, but Steve's audit > > > > userspace is not my project to manage and I think we've established > > > > over the years that Steve and I have very different views on what > > > > constitutes good design. > > > > > > And guessing what might be in buffers of different sizes is good design? > > > The FEATURE_BITMAP was introduced to get rid of this ambiguity. > > > > There is just soo much to unpack in your comment Steve, but let me > > keep it short ... > > > > - This is an enterprise distro problem, not an upstream problem. The > > problems you are talking about are not a problem for upstream. > > You may look at it that way. I do not. Audit -userspace is also an upstream > for a lot of distros and I need to make this painless for them. So, while you > may think of this being a backport problem for Red Hat to solve, I think of > this as a generic problem that I'd like to solve for Debian, Suse, Ubuntu, > Arch, Gentoo, anyone using audit. We both are upstream.
I intentionally said "enterprise Linux distributions", I never singled out RH/IBM. Contrary to what RH/IBM marketing may have me believe, I don't consider RHEL to be the only "enterprise Linux distribution" :) Beyond that, while I haven't looked at all of the distros you list above, I know a few of them typically only backport fixes, not new features. Further, as I mentioned previously in this thread, there is a way to backport this feature in a safe manner without using the feature bits. Eeeeeven further, if there wasn't a way to backport this feature safely (and let me stress agai that you can backport this safely), I would still consider that to be a distro problem and not an upstream kernel problem. The upstream kernel is not responsible for enabling or supporting arbitrary combinations of patches. -- paul moore www.paul-moore.com -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit