135873 – audit service on by default?

Bug 135873 - audit service on by default?

Summary: audit service on by default?

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	laus
Sub Component:
Version:	3.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jason Vas Dias
QA Contact:	Jay Turner
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	132991
TreeView+	depends on / blocked

Reported:	2004-10-15 15:52 UTC by Joe Orton
Modified:	2015-01-08 00:08 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2005-05-20 03:25:52 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2005:219	0	normal	SHIPPED_LIVE	laus bug fix update	2005-05-19 04:00:00 UTC

Description Joe Orton 2004-10-15 15:52:24 UTC

Is it necessary to have auditing on by default, i.e. the audit service
configured to run in runlevels 235?

I've now suffered from three bugs as a side-effect from this and never
really needed auditing anyway.  Nice feature, but why not make it a
"chkconfig audit on" away?

Comment 1 Charlie Bennett 2004-10-15 16:31:26 UTC

Laus is an optional package.
Is it being installed in the default install?
The opinion of QA was that if you're going to install an optional
package you probably intend for it to run...

Comment 2 Joe Orton 2004-10-15 16:37:31 UTC

Is it really optional?  I see laus listed as mandatory in the Base
group in comps.

Comment 3 Charlie Bennett 2004-10-15 17:38:35 UTC

It shouldn't be mandatory.  Laus-libs should always get picked up
because PAM is mandatory but there's nothing that says you have to
install the daemon...

Comment 4 Tom Diehl 2004-10-16 03:56:43 UTC

Ever try just not starting/installing the daemon? See
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131860 for more
info. It is not that simple and so far other than the info in the bug
it is undocumented. IMO having laus install by default is a big PITA.
I suspect a lot of machines do not need it, and the ones that do are
smart enough to set it up. The amount of disk space the thing uses in
an out of the box configutation is just plain crazy.

Comment 5 reubendb 2004-10-19 17:40:48 UTC

I installed two machines using U3 ISOs from RHN. Somehow Laus got
installed. So it seems that it got installed and turned on by default
as I didn't remember specifically intending to install it (I didn't
even know what it is until recently). 
Another machine that I installed using the original release RHEL 3 and
brought it up2date to U3 doesn't have Laus in it. So it seems that
only if you install using U3 ISO it got installed by default.

Trying to "chkconfig audit off" and even "rpm -e Laus", I now get the
problem described in
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131860.

Comment 7 Jason Vas Dias 2005-02-24 18:19:14 UTC

This bug is now fixed in laus-0.1-67RHEL3, which should be in 
RHEL-3-U5, and which meanwhile can be downloaded from:
   http://people.redhat.com/~jvdias/laus/

The audit service is now off by default after clean installs now that
bug 130071 is fixed.

Comment 8 Dennis Gregorovic 2005-05-20 03:25:52 UTC

An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2005-219.html

Note You need to log in before you can comment on or make changes to this bug.