| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Feb 2008 11:52:44 +1100 From: Nick Andrew <nick@...k-andrew.net> To: trivial@...nel.org Cc: linux-kernel@...r.kernel.org, Pavel Emelyanov <xemul@...nvz.org>, Serge Hallyn <serue@...ibm.com>, Randy Dunlap <randy.dunlap@...cle.com>, Paul Menage <menage@...gle.com>, Paul Jackson <pj@....com>, Valdis Kletnieks <Valdis.Kletnieks@...edu> Subject: [PATCH 2.6.25-rc2 4/9] Kconfig: Improve init/Kconfig help descriptions - AUDIT Rewrite the help descriptions for clarity, accuracy and consistency. Kernel config options affected: - AUDIT - AUDITSYSCALL Signed-off-by: Nick Andrew <nick@...k-andrew.net> --- Try #3. --- a/init/Kconfig 2008-02-20 09:34:48.000000000 +1100 +++ b/init/Kconfig 2008-02-21 09:15:18.000000000 +1100 @@ -218,20 +218,37 @@ config AUDIT bool "Auditing support" depends on NET help - Enable auditing infrastructure that can be used with another - kernel subsystem, such as SELinux (which requires this for - logging of avc messages output). Does not do system-call - auditing without CONFIG_AUDITSYSCALL. + Enable an auditing infrastructure that can be used with another + kernel subsystem, such as Security-Enhanced Linux (SELinux), + which requires this option for logging of security related + messages. + + With this option, the kernel can use netlink to pass audit + messages to an audit daemon process. Otherwise, audit messages + are logged to syslog. + + See <http://www.nsa.gov/selinux/> for more information + on Security-Enhanced Linux. + + CONFIG_AUDITSYSCALL (see below) is also required for + system-call auditing. + + If unsure, say N. config AUDITSYSCALL bool "Enable system-call auditing support" depends on AUDIT && (X86 || PPC || PPC64 || S390 || IA64 || UML || SPARC64|| SUPERH) default y if SECURITY_SELINUX help - Enable low-overhead system-call auditing infrastructure that + Enable a low-overhead system-call auditing infrastructure that can be used independently or with another kernel subsystem, - such as SELinux. To use audit's filesystem watch feature, please - ensure that INOTIFY is configured. + such as SELinux. + + To use audit's filesystem watch feature, please ensure + that CONFIG_INOTIFY is enabled. See the 'File systems' + menu for Inotify file change notification support. + + If unsure, say N. config AUDIT_TREE def_bool y -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists