Page MenuHomePhabricator
Create Task
Maniphest T239999

disable local auditd logging
Closed, ResolvedPublic
Actions

Description

Auditd does a lot of logging on FR hosts where it is running. We send the log stream through rsyslog and offhost, so local file logging is unnecessary. I looked at configuration options to disable file logging and they are known to be broken in the version we have available as a stock package. https://bugzilla.redhat.com/show_bug.cgi?id=1382397 I also tried logging to /dev/null as a workaround but that's not possible b/c it will only log to a regular file. So it looks like we have to backport, patch, or wait until the upstream fix makes it into the Debian package.

Event Timeline

Jgreen created this task.Dec 6 2019, 3:15 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptDec 6 2019, 3:15 PM
Jgreen triaged this task as Medium priority.Dec 6 2019, 3:39 PM
Jgreen updated the task description. (Show Details)Jan 17 2020, 4:37 PM
Jgreen closed this task as Resolved.Jan 17 2020, 6:04 PM
Jgreen updated the task description. (Show Details)
Jgreen moved this task from Triage to Done on the fundraising-tech-ops board.

Disabled for releases other than stretch/trusty in puppet.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL