Don't enable audit by default

It causes flooding of dmesg and syslog, suppressing actually important
messages.

Don't enable it for now, until a better solution is found:
http://lists.freedesktop.org/archives/systemd-devel/2014-December/026591.html

Bug-Debian: https://bugs.debian.org/773528

Gbp-Pq: Topic debian
Gbp-Pq: Name Don-t-enable-audit-by-default.patch

diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index 160544a0255710b9a689d13e253b311b1a75e3c0..7e6f175fbdb3f13ab15910da9d31abbf88d16abf 100644 (file)
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -438,7 +438,7 @@
         <command>systemd-journald</command> collects generated audit records, it just controls whether it
         tells the kernel to generate them. This means if another tool turns on auditing even if
         <command>systemd-journald</command> left it off, it will still collect the generated
-        messages. Defaults to on.</para></listitem>
+        messages. Defaults to off.</para></listitem>
       </varlistentry>
 
       <varlistentry>

diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 863575c5962314308810dd29307dc94c9ae8083d..1b9b8e1bd53f63508410cec9f64e17e046f51b63 100644 (file)
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -2279,7 +2279,7 @@ int server_init(Server *s, const char *namespace) {
                 .compress.threshold_bytes = UINT64_MAX,
                 .seal = true,
 
-                .set_audit = true,
+                .set_audit = false,
 
                 .watchdog_usec = USEC_INFINITY,
 

diff --git a/src/journal/journald.conf b/src/journal/journald.conf
index 8ae36b4320aaa7bbdd084d33da16a2f66143f98a..4f6445dae755a7d6bf7b94f55a3d673f4eff5ad2 100644 (file)
--- a/src/journal/journald.conf
+++ b/src/journal/journald.conf
@@ -44,4 +44,4 @@
 #MaxLevelWall=emerg
 #LineMax=48K
 #ReadKMsg=yes
-#Audit=yes
+#Audit=no