[rsbac] creating secoff and logging to rsyslog, was: rsbac_init goes RSBAC_EINVALIDREQUEST with devicemapper

Amon Ott ao at rsbac.org
Mon Dec 10 08:30:05 CET 2018

Am 09.12.18 um 23:07 schrieb Palon Setin:
> It's not good that the security officer is called secoff, because it
> sounds like security is off. Also security is two chars longer. But
> anyway, I'd only change if secoff gets renamed in Rsbac main.

We have been using security here for years - your fingers get used to
that name quickly. :)

So far, you seem to have done the right steps. Duplicated lines in
kern.log and syslog are normal for all kernel messages - Debian puts all
kernel messages into both files.

In /etc/rsyslog.conf you can extend the -/var/log/syslog specification
with ,kern.warn to hopefully get rid of all kernel messages below
warning level.

In /etc/sysctl.conf I recommend kernel.printk = 3 4 1 3
to keep consoles clean.

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list