Is it necessary to have auditing on by default, i.e. the audit service
configured to run in runlevels 235?
I've now suffered from three bugs as a side-effect from this and never
really needed auditing anyway. Nice feature, but why not make it a
"chkconfig audit on" away?
Laus is an optional package.
Is it being installed in the default install?
The opinion of QA was that if you're going to install an optional
package you probably intend for it to run...
Is it really optional? I see laus listed as mandatory in the Base
group in comps.
It shouldn't be mandatory. Laus-libs should always get picked up
because PAM is mandatory but there's nothing that says you have to
install the daemon...
Ever try just not starting/installing the daemon? See
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131860 for more
info. It is not that simple and so far other than the info in the bug
it is undocumented. IMO having laus install by default is a big PITA.
I suspect a lot of machines do not need it, and the ones that do are
smart enough to set it up. The amount of disk space the thing uses in
an out of the box configutation is just plain crazy.
I installed two machines using U3 ISOs from RHN. Somehow Laus got
installed. So it seems that it got installed and turned on by default
as I didn't remember specifically intending to install it (I didn't
even know what it is until recently).
Another machine that I installed using the original release RHEL 3 and
brought it up2date to U3 doesn't have Laus in it. So it seems that
only if you install using U3 ISO it got installed by default.
Trying to "chkconfig audit off" and even "rpm -e Laus", I now get the
problem described in
This bug is now fixed in laus-0.1-67RHEL3, which should be in
RHEL-3-U5, and which meanwhile can be downloaded from:
The audit service is now off by default after clean installs now that
bug 130071 is fixed.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.