Re: EXT :Fold CONFIG_AUDITSYSCALL into CONFIG_AUDIT?
On Tue, Nov 24, 2015 at 8:58 AM, Boyce, Kevin P (AS)
<Kevin.Boyce(a)ngc.com> wrote:
Having never looked at the code, it sounds reasonable to me. It
doesn't make a lot of sense to disable syscall auditing independently.
I'd be very surprised to hear if anyone is running audit *without*
syscall auditing, but I thought I would toss the question out there on
the off chance I'm missing some critical use case.
-----Original Message-----
From: linux-audit-bounces(a)redhat.com [mailto:linux-audit-bounces@redhat.com] On Behalf Of
Paul Moore
Sent: Monday, November 23, 2015 5:43 PM
To: linux-audit(a)redhat.com
Subject: EXT :Fold CONFIG_AUDITSYSCALL into CONFIG_AUDIT?
Does anyone out there build kernels with CONFIG_AUDIT=y and CONFIG_AUDITSYSCALL=n?
I'm thinking of simply removing the CONFIG_AUDITSYSCALL knob and moving all that code
under CONFIG_AUDIT, does anyone have any objections?
--
paul moore
www.paul-moore.com