Re: [PATCH v2] audit: add feature audit_lost reset
On 2016-12-15 22:12, Steve Grubb wrote:
On Thursday, December 15, 2016 7:50:48 PM EST Paul Moore wrote:
> On Thu, Dec 15, 2016 at 7:22 PM, Steve Grubb <sgrubb(a)redhat.com> wrote:
> > I'm planning to replace all the config change logging with the
> > audit_log_task_simple function I sent so that we have everything. Can we
> > go ahead and pull that in so that we can start using it?
>
> There needs to be more than one user of the function to make it
> worthwhile; so far that function has only been proposed with a single
> user. Propose it with multiple users and we can look at it seriously.
That's because I have several unrelated patches that use it. Do you want me to
send all of them at once? There's going to be at least 5 users of the
function. Possibly more. I want it to be the default for all future events
added because it concisely gives the necessary information for well-formed
events.
I'd send the audit_log_task_simple() patch alone, then send each feature
that uses it in a separate patch set. Failing that, send it as a
separate patch in the first patch set to make it available for all, then
follow it with more separate patchsets for other events.
There is a chicken and egg problem here.
-Steve
- RGB
--
Richard Guy Briggs <rgb(a)redhat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635