On 2019-07-30 15:06, Lenny Bruzenak wrote:
On 7/29/19 4:32 PM, Richard Guy Briggs wrote:
> It is being ignored because that kernel command line extension to the
> original feature was never backported to RHEL7.
That would definitely do it.
> In hindsight, that would have been pretty useful without causing much
> risk. Normally feature backport is driven by customer demand. There
> was a bit of pushback when it was first introduced upstream, but this is
> exactly the scenario I envisioned where it would be most useful. It is
> possible to compile your own kernel and change the default value, but
> that's obviously a hurdle for most.
It would definitely have been useful, some might say even necessary,
given the audit event startup noise occurring with systemd.
Yes, this was yet another difficulty that arose with the change to
systemd from rhel6 to rhel7. The intent was to solve it first in fedora
when it switched to systemd to address this since the number of startup
messages jumped from manageable within the default backlog size to
almost double. There are also other improvements upstream that remove
some of the doubt about exactly how many log messages were lost.
Wow. Thanks Richard, I appreciate the answer on this.
It is all there in fedora and RHEL8, so that is one possible route. It
is a bit late in the RHEL7 life cycle to commit to it, but not
impossible...
LCB
--
Lenny Bruzenak
- RGB
--
Richard Guy Briggs <rgb(a)redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635