-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 6/17/14, 8:04, Matthew Miller wrote:
I was looking at
https://fedorahosted.org/fesco/ticket/1311, and
it occured to me that we don't ship the selinux troubleshooting
tools by default in the minimal cloud image (add 'em if you need
them). We do leave _audit_ there.
What do people think about removing it? (As noted in the ticket,
it's mostly useful with configuration, not in the default state.)
If a user could still get their AVC denials logged without full
syscall auditing, then I support the change. From what I understand,
you can disable syscall auditing without losing your AVC messages.
Anyone who needs to run complicated audit rules (perhaps some from CIS
or OpenSCAP) will probably customize the image a fair amount before
running it in production anyway.
- --
Major Hayden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iQEcBAEBAgAGBQJToEcFAAoJEONAdDQ9I/mwvXwH/17snCRI/9DSdWeImTiGSVAf
c1TE4Karqa/ang8RvSPW9/8dlwRu1LEnUwvmCHjuvGceLHxD3Ugkk66Aimhu7f/f
2O+hnn96un0h4i88hsNSv3Kio+G24l84ZbU5lJ3R5ZPRca5pGmeP7DfSNZTspUyA
y0tiutVBPGV+uGjmMUDjqPi28bfbpdHuOq8ZkKlm3HNA8F8x2/dRBqukXxxH4b7R
mHdrhXAQf+kwT4tHdGjY9ePr7jmXehnIvIPWYxGFyR5H0q4Xm8bwjkqbBMNO8tpG
yHbqOFNXGjqb5LfmjyEB6H+5RWNOK7a+pXdLqGw+OuHVt0StnMo2n4W/LmsLQBU=
=H75s
-----END PGP SIGNATURE-----