audit: always enable syscall auditing when supported and audit is enabled
To the best of our knowledge, everyone who enables audit at compile time also enables syscall auditing; this patch simplifies the Kconfig menus by removing the option to disable syscall auditing when audit is selected and the target arch supports it. Signed-off-by: Paul Moore <pmoore@redhat.com>
This commit is contained in:
Paul Moore
Paul Moore
Родитель
96368701e1
Коммит
cb74ed278f
11
init/Kconfig
11
init/Kconfig
|
|
@ -299,20 +299,15 @@ config AUDIT
|
|||
help
|
||||
Enable auditing infrastructure that can be used with another
|
||||
kernel subsystem, such as SELinux (which requires this for
|
||||
logging of avc messages output). Does not do system-call
|
||||
auditing without CONFIG_AUDITSYSCALL.
|
||||
logging of avc messages output). System call auditing is included
|
||||
on architectures which support it.
|
||||
|
||||
config HAVE_ARCH_AUDITSYSCALL
|
||||
bool
|
||||
|
||||
config AUDITSYSCALL
|
||||
bool "Enable system-call auditing support"
|
||||
def_bool y
|
||||
depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
|
||||
default y if SECURITY_SELINUX
|
||||
help
|
||||
Enable low-overhead system-call auditing infrastructure that
|
||||
can be used independently or with another kernel subsystem,
|
||||
such as SELinux.
|
||||
|
||||
config AUDIT_WATCH
|
||||
def_bool y
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче