What are these for?
Matthew Miller
mattdm at fedoraproject.org
Wed Nov 21 00:09:03 UTC 2012
On Mon, Nov 19, 2012 at 03:51:03PM +0100, lee wrote:
> what is auditd for? The manpage doesn't tell me, and I can't find any
> documentation about it telling me what the purpose is. Is there
> anything that speaks against disabling it?
This records secure log messages from the kernel, including SELinux alerts.
You don't technically _need_ it, but these are important messages.
> Similar with mcelog: What do I need that for? And benefits from it? I
> can probably just disable it.
This handles hardware errors. In addition to logging, the daemon can (and is
configured to) take some corrective and preventative actions. You basically
want this.
> Do I need polkitd? It doesn't make sense to me; if I want to do
> something for which more permissions are required, I do it as root. So
> what's the benefit I would have from polkitd?
Polkit allows applications to use root permissions for fine-grained actions
rather than running as root all the time. That increases security. For
example, a timezone applet can show you the time as a regular user and only
require extra authentication to change it. However, if you don't want or
need this functionality, applications are supposed to gracefully fall back
to requiring root.
--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm at fedoraproject.org>
More information about the users
mailing list