https://bugzilla.novell.com/show_bug.cgi?id=860778 https://bugzilla.novell.com/show_bug.cgi?id=860778#c Tony Jones changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=860778 https://bugzilla.novell.com/show_bug.cgi?id=860778#c3 --- Comment #3 from Tony Jones 2014-01-29 16:22:34 UTC --- First off, what does "systemctl status auditd" say on your current system? Is it enabled for boot time start? It's working fine for me using latest 13.1 updates (kernel 3.11.6-4-default x86_64). I don't think it's a kernel issue, the kernel is just a conduit for these messages. If it does actually change with kernel version it's more likely a kernel/systemd interaction that prevents auditd from starting. I'm not sure if you have one of the old kernels you can revert back to as a test. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=860778 https://bugzilla.novell.com/show_bug.cgi?id=860778#c5 Rainer Klier changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rainer.klier@gmx.at --- Comment #5 from Rainer Klier 2014-02-11 13:37:10 UTC --- this bug also hits me. i am on opensuse 13.1 x86_64 with kernel 3.13.2 from stable-standard repo -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=860778 https://bugzilla.novell.com/show_bug.cgi?id=860778#c7 --- Comment #7 from Rainer Klier 2014-02-12 07:10:57 UTC --- (In reply to comment #6)

(In reply to comment #5)

...

this bug also hits me. i am on opensuse 13.1 x86_64 with kernel 3.13.2 from stable-standard repo

I need to see what the default was in sysvinit, as to whether audit was enabled automatically. It isn't at present in systemd. Once enabled the issue will

it was not enabled automatically. after i started it manually with "systemctl restart auditd" the messages went away. after this i enabled auditd as default in yast, and today i also don't see these messages any more.

go away. I imagine this needs to be fixed and enabled automatically.

yes. i think this is the real bug here. it was not enabled automatically. FYI: i did not freshly install my opensuse 13.1, but i made an upgrade from 12.3. but what for is this auditd? what is it's purpose? what for do i need it? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=860778 https://bugzilla.novell.com/show_bug.cgi?id=860778#c9 --- Comment #9 from Tony Jones 2014-03-10 14:29:28 UTC --- *** Bug 867506 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=867506 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

http://bugzilla.novell.com/show_bug.cgi?id=860778 --- Comment #34 from Tony Jones --- (In reply to Felix Miata from comment #26)

I haven't had quiet in any bootloader stanza for any distro since sometime last century. I find little to no activity on vtty1 during init to be highly annoying. Not having quiet on cmdline has never been a problem before that I can remember.

All my systems have been the result of a constant 'zypper dup'. I just went and installed from scratch the latest Factory (http://download.opensuse.org/factory/iso/openSUSE-Tumbleweed-DVD-x86_64-Curr...). I chose the default GUI which is KDE and then default for every option. The resulting system has a /proc/cmdline containing 'quiet' and 'cat /proc/sys/kernel/printk' reports 4 4 1 7. audit rpm installed, auditd.service enabled and running. No rsyslog installed. I repeated the install selecting GNOME and then all defaults. Same as above. I repeated the install selecting "other" "Minimal Server Selection (text mode)". Quiet present on command line, thus default loglevel is 4. No audit rpm installed, thus no auditd.service. In all cases the default loglevel was 4, so the issue you are describing does not occur.

...

If this is correct, as root, add "quiet" (or "loglevel=4") to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub and run grub2-mkconfig > /boot/grub2/grub.cfg [or yast equivalent] and reboot.

Grub2 is not installed in any rpm-based distro here. Most installations here are booting from a Grub Legacy installation on a primary partition that is never mounted as /boot.

Then you need to change '/boot/grub/menu.lst' I'm not seeing the issue here, other than you've managed to configure you system in a way that causes audit events to be logged to the console. -- You are receiving this mail because: You are on the CC list for the bug.