Hmm, odd one this (FC2 system). I switched to a stock kernel, in order to reverse the 8K stack patch for compatibility with nVidia's broken driver. Strictly speaking, I have no problems, everything is working and pretty fast too. However, between two different kernels (2.6.5-1.358 and 2.6.6-rc3-bk3) with nearly identical configs, something has changed to produce a tonne of garbage being spewed to the console (and /var/log/messages) during bootup. None of this is error messages, just *extremely* annoying and extremely verbose logging, which I guess is some form of auditing - like this: Jun 5 06:36:29 genesis kernel: [49.850] [+ 0.00] /etc/modprobe.conf.dist Jun 5 06:36:29 genesis kernel: [49.851] [+ 0.01] /etc/modprobe.conf Jun 5 06:36:29 genesis kernel: [49.852] [+ 0.01] /proc/modules Jun 5 06:36:29 genesis kernel: [49.853] [+ 0.01] /proc/bus/usb/devices Jun 5 06:36:29 genesis kernel: [49.853] [+ 0.00] /usr/sbin/xinetd --- snip massive audit --- The full system message logs (for both 2.6.5-1.358 and 2.6.6-rc3-bk3) are here: http://www.genesis-x.nildram.co.uk/kernel/messages-2.6.5-1.358.txt http://www.genesis-x.nildram.co.uk/kernel/messages-2.6.6-rc3-bk3.txt This FC2 system has only been up a couple of days, so I'm just getting my head around SELinux etc. Adding selinux=0 and/or audit=0 in grub.conf doesn't seem to make any difference at all, neither does chkconfig --level 2345 syslog off. Weird - even with syslog off I *still* get these messages. Anyway, I think this is maybe another security tool, not SELinux, although it's pretty hard to find anything useful in the logfile, since it is choked with garbage from the audit. My grub.conf is here: http://www.genesis-x.nildram.co.uk/kernel/grub.conf.txt I started with the kernel.src.rpm from: http://www.linuxant.com/driverloader/wlan/full/archive/fc2/kernel-2.6.5-1.358.8kstacks.src.rpm.zip Then I: unzip kernel-2.6.5-1.358.8kstacks.src.rpm.zip rpm -ivh kernel-2.6.5-1.358.8kstacks.src.rpm cd /usr/src/redhat/SOURCES tar xjf linux-2.6.5.tar.bz2 cd linux-2.6.5 I ran this patch script: http://www.genesis-x.nildram.co.uk/kernel/patchit.sh.txt Then I did: make clean mrproper cp ../kernel-2.6.5-i686.config linux-2.6.5 make gconfig I removed all unnecessary drivers, added NTFS support, and optimised for P3 systems. The resulting config is here: http://www.genesis-x.nildram.co.uk/kernel/config-2.6.6-rc3-bk3.txt Then I did: make rpm rpm -ivh /usr/src/redhat/RPMS/i386/kernel-2.6.6rc3bk3-1.i386.rpm mkinitrd /boot/initrd-2.6.6-rc3-bk3.img 2.6.6-rc3-bk3 So how do I quiet those messages? Let's assume that some time in the future I do want to do auditing, how can I force SELinux (or whatever security tool) to log to a separate file other than the system log (which is busy enough as it is). TIA, - K.
