On Tue, Feb 19, 2013 at 11:29 AM, Jon Masters <jonat...@jonmasters.org> wrote: > From: Jon Masters <j...@jonmasters.org> > > Systemd relies upon CONFIG_AUDITSYSCALL support being present in the kernel. > This is because systemd-logind calls audit_session_from_pid, which uses > /proc/self/sessionid to determine whether an existing session is being > replaced as part of e.g. a call to sudo, pkexec, or similar. Without > support for system call auditing, these commands will silently fail as > their session is killed immediately after it is created by systemd. > > For now, add a check after the existing cgroups test, but in the future > these functions should all move into a generic check_kconfig function > that tests all of the configured kernel options, including these for > compliance with the evolving base platform requirements of systemd. > > Signed-off-by: Jon Masters <j...@jonmasters.org>
Hmmm The security folks here really dislike CONFIG_AUDIT* as (I understand from them) it potentially leaks confidential information... This message now comes out rather blunt to those folks who wish to disable it... I'm not sure I'll appreciate the console spam from this message. Is this really necessary? Auke _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
