On Thu, 24 Jun 2010, Steve Langasek <[email protected]> wrote:
> meantime, I disagree that we should do this by default.  My understanding
> is that pam_loginuid is only useful when operating in conjunction with
> auditd; if this is true, then we shouldn't enable it by default - we
> should only enable it when auditd has been installed to avoid unnecessary
> overhead / complexity in the PAM stack.  That's easily achieved by having
> the auditd package ship a profile for pam-auth-update in
> /usr/share/pam-configs as described in
> <https://wiki.ubuntu.com/PAMConfigFrameworkSpec> and set the appropriate
> versioned dependencies on libpam-modules and libpam-runtime. I'd be happy
> to help with the implementation of this if you agree this is the correct
> way to handle it.

For the record I want to note that the auid can appear in the kernel message
log (dmesg and /var/log/kernel.log) if auditd isn't running.  But
realistically, as the vast majority of people who care about the auid already
have auditd running, this shouldn't be an issue.

I'm not sure whether there are useful cases for having an auid without auditd;
I use auditd on all systems anyway.

So I think that your case for reassigning it back to auditd is good, and your 
suggested solution sounds reasonable.


