26 жовтня 2009 о 13:39 -0600 Raphael Geissert написав(-ла): > 2009/10/26 Eugeniy Meshcheryakov <eu...@debian.org>: > > 25 жовтня 2009 о 22:37 -0600 Raphael Geissert написав(-ла): > >> The init script is supposed to warn and exit if it detects that the > >> kernel was not built with the necessary options. This check relies on > >> the existance of /boot/config-$(uname -r), do you by some reason not > >> have it? > > After looking into kernel source, maybe it is better to check for > > /proc/1/loginuid (or sessionid), if proc is mounted at that time? > > > > Right, I can add a check for that, but am not quite sure /proc will be > available by then (should be there if you use an initrd by > initramfs-utils). And that still doesn't guarantee that AUDITSYSCALL > is enabled. Well, at least in latest kernel from git code in fs/proc/base.c reads:
#ifdef CONFIG_AUDITSYSCALL REG("loginuid", S_IWUSR|S_IRUGO, proc_loginuid_operations), REG("sessionid", S_IRUGO, proc_sessionid_operations), #endif So, those two files are there only if CONFIG_AUDITSYSCALL is defined. > > Anyway, even if the audit subsystem is not enabled the collector > should fail and the boot continue as usually. There was recently a That will be even better.
signature.asc
Description: Digital signature