3c19f00a7f
This patch adds the right tags to each piece of metadata and corrects small errors found in the deployer notes. Closes-bug: 1595669 Change-Id: Ic04aaad85ebf111be5a0bdb01a350442fdea1433
402 B
402 B
---id: V-38561 status: opt-in tag: auditd ---
The audit rules for permission changes made with
lxsetxattr are disabled by default as they can generate an
excessive amount of logs in a short period of time, especially during a
deployment.
Deployers can enable auditing for lsetxattr usage by
setting the following Ansible variable:
security_audit_DAC_lsetxattr: yes