diff options
author | Tuomas Tynkkynen <tuomas@tuxera.com> | 2016-08-22 18:11:53 +0300 |
---|---|---|
committer | Tuomas Tynkkynen <tuomas@tuxera.com> | 2016-08-31 23:15:41 +0300 |
commit | 16b3e26da4455c6d3f876639ce27ce6cd40d6895 (patch) | |
tree | 363c1f17ffb34dcdb538738b1a06438d848e49c4 /nixos/modules/security | |
parent | 5eff0b990cb2f2a9492b31f825679608d5f09d19 (diff) | |
download | nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.gz nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.bz2 nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.lz nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.xz nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.tar.zst nixpkgs-16b3e26da4455c6d3f876639ce27ce6cd40d6895.zip |
audit: Disable by default
Because in its default enabled state it it causes a global performance hit on all system calls (https://fedorahosted.org/fesco/ticket/1311) and unwanted spam in dmesg, in particular when using Chromium (https://github.com/NixOS/nixpkgs/issues/13710).
Diffstat (limited to 'nixos/modules/security')
-rw-r--r-- | nixos/modules/security/audit.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/security/audit.nix b/nixos/modules/security/audit.nix index 8d70811b01c..ebfe594d0c7 100644 --- a/nixos/modules/security/audit.nix +++ b/nixos/modules/security/audit.nix @@ -55,7 +55,7 @@ in { security.audit = { enable = mkOption { type = types.enum [ false true "lock" ]; - default = true; # The kernel seems to enable it by default with no rules anyway + default = false; description = '' Whether to enable the Linux audit system. The special `lock' value can be used to enable auditing and prevent disabling it until a restart. Be careful about locking |