[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <22551.1218464121@turing-police.cc.vt.edu>
Date: Mon, 11 Aug 2008 10:15:21 -0400
From: Valdis.Kletnieks@...edu
To: Andi Kleen <andi@...stfloor.org>
Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Ingo Molnar <mingo@...e.hu>,
Andrew Morton <akpm@...ux-foundation.org>,
torvalds@...ux-foundation.org, tglx@...utronix.de,
marcin.slusarz@...il.com, linux-kernel@...r.kernel.org,
davem@...emloft.net, rostedt@...dmis.org,
paulmck@...ux.vnet.ibm.com
Subject: Re: [PATCH] printk: robustify printk
On Mon, 11 Aug 2008 13:42:43 +0200, Andi Kleen said:
> On Mon, Aug 11, 2008 at 01:22:06PM +0200, Peter Zijlstra wrote:
> > You only loose the msgs with klogd, console still gets everything. If
> > firewalls are generating that much data, perhaps its time to think about
> > alternative ways to channel that.
>
> Yes, and netfilter has them in fact, but it's clearly still a regression for
> people who rely on klogd for this today.
>
> Also firewall is just an example. Other cases might be people relying
> on these selinux messages. Or some other kernel messages.
Similar to "netfilter has other ways", the SELinux messages have another
defined way as well. If your site is high-security and *depends* on the
messages, the *right* answer is to run auditd to catch and log the messages,
and configure auditd to bring the system to a screeching halt if the
log space fills up or there's other problems (yes, some sites would rather
have the machine drop dead than possibly miss an SELinux message).
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists