Re: Inconsistencies between shipped initscript and .service file

public inbox for linux-audit@redhat.com
 help / color / mirror / Atom feed

From: Steve Grubb <sgrubb@redhat.com>
To: linux-audit@redhat.com
Subject: Re: Inconsistencies between shipped initscript and .service file
Date: Wed, 29 Jun 2016 12:29:02 -0400	[thread overview]
Message-ID: <1489827.i94fL1NloU@x2> (raw)
In-Reply-To: <70d04f75-0f85-ff0e-5306-e4386fa6fc40@debian.org>

Hello,

On Wednesday, June 29, 2016 05:48:46 PM Laurent Bigonville wrote:
> I think there are inconsistencies between the behavior of the shipped
> LSB inistscript and the systemd .service.
> 
> The sysconfig config file sets USE_AUGENRULES="no" and
> AUDITD_CLEAN_STOP="yes" while the .service file is actually doing the
> opposite.
> 
> I guess that the sysconfig config should be modified (even if it's a
> quite minor issue)?

The idea is this, I didn't want to cause a regression on distributions. The 
sysvinit scripts have been shipped forever and always expected the rule to be 
in a specific place. So, its disabled so that there are no surprises. That's 
because to enable it means that you got to put the rules in the rules.d 
directory.

So, the thinking is that if you areswitching to systemd, there a lot different 
about the system and as part of re-doing how you use the system let's just put 
the rules in the right place and use augenrules by default.

Migrating between the two is not so easy. It needs to be done with intention 
or you might get your rules overwritten.

-Steve

     prev parent reply	other threads:[~2016-06-29 16:29 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-06-29 15:48 Inconsistencies between shipped initscript and .service file Laurent Bigonville
2016-06-29 16:29 ` Steve Grubb [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1489827.i94fL1NloU@x2 \
    --to=sgrubb@redhat.com \
    --cc=linux-audit@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox