Re: Revisiting the SELinux/audit question: Disabling audit on the kernel command line

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sun, Feb 12, 2017 at 6:43 PM, Tobias Markus <tobias@xxxxxxxxx> wrote:

> Hi,
>
> As some of you might know, the question of enabling SELinux support in
> the official Arch Linux kernel package has been brought up a number of
> times. The main issue that has been pointed out the previous time was
> that enabling SELinux depends on CONFIG_AUDIT which is considered
> unnecessary or even harmful for most desktop users since it generates a
> flood of kernel log messages.
>

Hi,
Do you have more information about this unwanted flood of messages? From my
personal experience on systems with SELinux and audit, the application
which produces the biggest number of audit events is Chromium, because of
misconfigured seccomp rules that report in audit log every call to
set_robust_list(). This has been reported two years ago on Chromium bug
tracker and the developers seem unwilling to fix it (
https://bugs.chromium.org/p/chromium/issues/detail?id=456535). If there are
similar problems which need to be fixed before thinking of enabling audit
compilation in Arch Linux kernel, where can I find information on them?

Regards,
Nicolas



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux