2016-12-28 14:44 GMT+02:00 Patrick O'Callaghan <pocallaghan@xxxxxxxxx>:
Because depending on Your Chrome usage, it could flood logs and make difficult to search something truly important.
On Tue, 2016-12-27 at 21:17 +0200, Alchemist wrote:
> 2016-12-27 21:00 GMT+02:00 Patrick O'Callaghan <pocallaghan@xxxxxxxxx>:
>
> > On Tue, 2016-12-27 at 08:48 -0500, Tom Horsley wrote:
> > > On Tue, 27 Dec 2016 13:35:09 +0000
> > > Patrick O'Callaghan wrote:
> > >
> > > > b) can be turned off?
> > >
> > > Edit grub.cfg and put audit=0 on the kernel command line.
> > > Disable the auditd service.
> > > No more audit messages from anything :-).
> >
> > Wasn't really the question. I want to know what it's telling me before
> > I decide whether to turn it off.
> >
> >
> >
>
> http://billauer.co.il/blog/2015/08/linux-google-chrome- aw-snap-seccomp/
Thanks, I had used ausearch to confirm these are SECCOMP errors, i.e.
problems with Chrome sandboxing (which apparently have been around for
a long time). However the URL above recommends just running Chrome
without the sandbox, which a) isn't a solution and b) is no longer
supported.
Now that I know what it is, I can just ignore the audit errors.
Yes, or you may add something like
-a exclude,always -F msgtype=1326
or
-a exclude,always -F exe=/opt/google/chrome/chrome
-a exclude,always -F msgtype=1326
or
-a exclude,always -F exe=/opt/google/chrome/chrome
to /etc/audit/audit.rules
systemctl restart auditd
see man auditctl
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
