From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tony Jones <tonyj@suse.de>
Subject: Re: Rational behind RefuseManualStop=yes in auditd.service
Date: Tue, 03 Dec 2013 12:16:15 -0800
Message-ID: <529E3C0F.8040607@suse.de>
References: <20130730220446.0dced4f5@fornost.bigon.be> <3276481.Os0RojCrYf@x2>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <3276481.Os0RojCrYf@x2>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On 07/30/2013 01:25 PM, Steve Grubb wrote:
> On Tuesday, July 30, 2013 10:04:46 PM Laurent Bigonville wrote:
>> Hi,
>>
>> I would like to know the rational behind RefuseManualStop=yes in
>> auditd.service file.
> 
> The short term "fix" is to force admins to use the service command which loads 
> legacy helper scripts which are pulled from the old SysV init script. It sends 
> signals in the user's context so that the auid is correct.

You mean this?  https://lists.fedoraproject.org/pipermail/devel/2012-June/169411.html

The problem is that (I believe) this feature isn't in upstream systemd, rather it's Fedora specific.  

> If you don't need to meet common criteria requirements, then patch it out so its the way you like it.

If I'm correct and the above is Fedora specific, I would have thought the better option was to not use such extensions in the audit svn codebase;  rather patch them *in* via the Fedora rpms.   Or make it configure tuneable.

Tony