please enable CONFIG_AUDIT_LOGINUID_IMMUTABLE
Josh Boyer
jwboyer at redhat.com
Mon Feb 18 18:15:09 UTC 2013
On Mon, Feb 18, 2013 at 06:07:08PM +0100, Michal Schmidt wrote:
> Hello Fedora kernel maintainers,
>
> please consider setting CONFIG_AUDIT_LOGINUID_IMMUTABLE=y for F19.
>
> It brings a security benefit and should be safe to turn on since
> we're using systemd to start services.
Refresh my memory please. Are we using systemd to start 100% of the
services provided in Fedora? I seem to recall there are still a number
of packages not using/providing systemd unit files. Would enabling this
cause them to get weird EPERM errors?
Is there a simple thing to check for aside from EPERM if issues from
this do pop up?
josh
More information about the kernel
mailing list