From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tony Jones <tonyj@suse.de>
Subject: Re: Rational behind RefuseManualStop=yes in auditd.service
Date: Wed, 18 Dec 2013 13:07:21 -0800
Message-ID: <52B20E89.1050706@suse.de>
References: <20130730220446.0dced4f5@fornost.bigon.be>	
	<3276481.Os0RojCrYf@x2> <529E3C0F.8040607@suse.de>
	<1387399090.29366.22.camel@flatline.rdu.redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <1387399090.29366.22.camel@flatline.rdu.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Eric Paris <eparis@redhat.com>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On 12/18/2013 12:38 PM, Eric Paris wrote:

> He made the change in the upstream repo, because that's what you need
> for certification purposes.  Personally, I hate it, cause i don't give a
> hoot about that and would rather things to be consistent, but that's the
> rational.  A certifiable audit needs what he has in the repo.  If we
> ever get all of the credential data available to systemd it can be
> reverted...

This doesn't really make a lot of sense as a certifiable audit presumably also needs the local Fedora specific changes to systemd, which are not in the upstream systemd repo.   So I'd have thought the Fedora specific audit package was a perfectly suitable location for the audit changes rather than the main audit svn repo.

Anyhow, it is what it is.   We patched the changes out in our repo.

Tony