On Fri, 4 Jan 2008, Eric Paris wrote:
There is no reason that a user cannot turn auditd off themselves (kernel just reroutes the messages to syslog rather than audit log) but audit still functions and serves a purpose all by itself.
Yeah turns out my big problem is likely with the # decription : provided to s-c-s through the /etc/init.d/foo files so user knows they can actually turn it off without shooting themselves in the foot.
My opinion, if you disable SELinux in the installer (or s-c-selinux) it should disable those other programs you mentioned if those programs are not smart enough to not run on their own. (sounds like setroubleshoot and i'm going to guess sealert already are smart enough and anaconda/s-c-* shouldn't bother them...)
I think the best thing I can do is patch their # description : entries, so the s-c-s user knows this.
If this was a major problem with s-c-s to me (not very high tech indeed) I'm bold enough to believe it's going to be to many others as well.
Linus -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
