(Delayed) HEADS UP: AUDIT in GENERIC
Robert Watson
rwatson at FreeBSD.org
Wed Jun 13 15:58:34 UTC 2007
This is a delayed HEADS UP that "options AUDIT" is now the default in GENERIC.
This means you either need to add "nooptions AUDIT" in configs based on
GENERIC, or you can now take out "options AUDIT" :-). Audit support will not
be enabled by default out-of-the-box, but it will now be possible to turn it
on without a kernel recompile.
If someone wants to lend a hand updating the chapter in the Handbook, that
would be most helpful. A reboot is still required after setting the rc.conf
entry to propagate any audit_user/audit_control settings to all login
sessions; you can do it without a reboot if you don't want to retroactively
enforce audit on login sessions already present when audit is started.
Robert N M Watson
Computer Laboratory
University of Cambridge
---------- Forwarded message ----------
Date: Fri, 8 Jun 2007 20:29:07 +0000 (UTC)
From: Robert Watson <rwatson at FreeBSD.org>
To: src-committers at FreeBSD.org, cvs-src at FreeBSD.org, cvs-all at FreeBSD.org
Subject: cvs commit: src/sys/amd64/conf GENERIC src/sys/i386/conf GENERIC
src/sys/ia64/conf GENERIC src/sys/pc98/conf GENERIC
src/sys/powerpc/conf GENERIC src/sys/sparc64/conf GENERIC
src/sys/sun4v/conf GENERIC
rwatson 2007-06-08 20:29:07 UTC
FreeBSD src repository
Modified files:
sys/amd64/conf GENERIC
sys/i386/conf GENERIC
sys/ia64/conf GENERIC
sys/pc98/conf GENERIC
sys/powerpc/conf GENERIC
sys/sparc64/conf GENERIC
sys/sun4v/conf GENERIC
Log:
Enable AUDIT by default in the GENERIC kernel, allowing security event
auditing to be turned on without a kernel recompile, just an rc.conf
option.
Approved by: re (kensmith)
Obtained from: TrustedBSD Project
Revision Changes Path
1.479 +1 -0 src/sys/amd64/conf/GENERIC
1.469 +1 -0 src/sys/i386/conf/GENERIC
1.90 +1 -0 src/sys/ia64/conf/GENERIC
1.294 +1 -0 src/sys/pc98/conf/GENERIC
1.69 +1 -0 src/sys/powerpc/conf/GENERIC
1.124 +1 -0 src/sys/sparc64/conf/GENERIC
1.12 +1 -0 src/sys/sun4v/conf/GENERIC
More information about the freebsd-current
mailing list