author | 2025-10-13 12:08:54 -0400 | |
---|---|---|
committer | 2025-10-13 12:08:54 -0400 | |
commit | 616a27c31f78ec06d2b914ef25e171468d6aa932 (patch) | |
tree | 7fe4409494e28bd31b708f8088b9073493f69781 | |
parent | sys-kernel/gentoo-sources: add 6.17.2 (diff) | |
sys-apps/systemd: rebase audit patch for 258.1
Signed-off-by: Mike Gilbert <[email protected]>
-rw-r--r-- | sys-apps/systemd/files/gentoo-journald-audit-r3.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/sys-apps/systemd/files/gentoo-journald-audit-r3.patch b/sys-apps/systemd/files/gentoo-journald-audit-r3.patch
new file mode 100644
index 000000000000..291559ff2290
--- /dev/null
+++ b/sys-apps/systemd/files/gentoo-journald-audit-r3.patch
@@ -0,0 +1,51 @@
+From 0f16422e52ef793407d1cbef0c38eff29d6e251c Mon Sep 17 00:00:00 2001
+From: Mike Gilbert <[email protected]>
+Date: Wed, 17 Sep 2025 15:40:57 -0400
+Subject: [PATCH] journald: do not change the kernel audit setting by default
+
+Bug: https://bugs.gentoo.org/736910
+---
+ man/journald.conf.xml | 2 +-
+ src/journal/journald-config.c | 2 +-
+ src/journal/journald.conf | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/man/journald.conf.xml b/man/journald.conf.xml
+index 1d615b110d..4676d674a2 100644
+--- a/man/journald.conf.xml
++++ b/man/journald.conf.xml
+@@ -483,7 +483,7 @@
+ turn it off. When <literal>keep</literal> it will neither enable nor disable it, leaving the previous
+ state unchanged. This means if another tool turns on auditing even if
+ <command>systemd-journald</command> left it off, it will still collect the generated messages.
+- Defaults to yes in the default journal namespace, and <literal>keep</literal> otherwise.</para>
++ Defaults to <literal>keep</literal>.</para>
+
+ <!-- Explicit assignment of an empty string is equivalent to 'keep', for backward compatibility. -->
+
+diff --git a/src/journal/journald-config.c b/src/journal/journald-config.c
+index 8cffec880b..ea3bb34a76 100644
+--- a/src/journal/journald-config.c
++++ b/src/journal/journald-config.c
+@@ -123,7 +123,7 @@ void manager_merge_configs(Manager *m) {
+ MERGE_NON_NEGATIVE(read_kmsg, !m->namespace);
+ /* By default, kernel auditing is enabled by the main namespace instance, and not controlled by
+ * non-default namespace instances. */
+- MERGE_NON_NEGATIVE(set_audit, m->namespace ? AUDIT_KEEP : AUDIT_YES);
++ MERGE_NON_NEGATIVE(set_audit, AUDIT_KEEP);
+ MERGE_NON_ZERO(sync_interval_usec, DEFAULT_SYNC_INTERVAL_USEC);
+
+ /* TODO: also merge them when comdline or credentials support to configure them. */
+diff --git a/src/journal/journald.conf b/src/journal/journald.conf
+index 9a12ca7657..3be3ed7327 100644
+--- a/src/journal/journald.conf
++++ b/src/journal/journald.conf
+@@ -47,4 +47,4 @@
+ #MaxLevelSocket=debug
+ #LineMax=48K
+ #ReadKMsg=yes
+-#Audit=yes
++#Audit=keep
+--
+2.51.0
+ |
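Review bot: The comment kept as context above the changed `MERGE_NON_NEGATIVE(set_audit, ...)` line in `manager_merge_configs` still says kernel auditing is enabled by the main namespace instance, which contradicts the new unconditional `AUDIT_KEEP` default. The embedded patch should update it too, for example to `/* Gentoo: by default no instance changes the kernel audit setting (bug 736910). */`. With this default journald no longer turns auditing on, so audit records reach the journal only when something else enables auditing, as the man page context in the same patch describes. Hosts that depended on the previous default for audit collection need an explicit `Audit=yes` in journald.conf; whether the ebuild already tells users this is not visible here. The body of `manager_merge_configs` starts and ends outside the hunk.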