diff options
| author | Tuomas Tynkkynen <tuomas@tuxera.com> | 2016-08-22 18:11:53 +0300 |
|---|---|---|
| committer | Tuomas Tynkkynen <tuomas@tuxera.com> | 2016-08-31 23:15:41 +0300 |
| commit | 16b3e26da4455c6d3f876639ce27ce6cd40d6895 (patch) | |
| tree | 363c1f17ffb34dcdb538738b1a06438d848e49c4 /nixos/modules/security/audit.nix | |
| parent | 5eff0b990cb2f2a9492b31f825679608d5f09d19 (diff) | |
| download | nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.gz nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.bz2 nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.lz nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.xz nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.zst nixlib-16b3e26da4455c6d3f876639ce27ce6cd40d6895.zip | |
audit: Disable by default
Because in its default enabled state it it causes a global performance hit on all system calls (https://fedorahosted.org/fesco/ticket/1311) and unwanted spam in dmesg, in particular when using Chromium (https://github.com/NixOS/nixpkgs/issues/13710).
Diffstat (limited to 'nixos/modules/security/audit.nix')
| -rw-r--r-- | nixos/modules/security/audit.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/security/audit.nix b/nixos/modules/security/audit.nix index 8d70811b01c7..ebfe594d0c71 100644 --- a/nixos/modules/security/audit.nix +++ b/nixos/modules/security/audit.nix @@ -55,7 +55,7 @@ in { security.audit = { enable = mkOption { type = types.enum [ false true "lock" ]; - default = true; # The kernel seems to enable it by default with no rules anyway + default = false; description = '' Whether to enable the Linux audit system. The special `lock' value can be used to enable auditing and prevent disabling it until a restart. Be careful about locking |