13 lines
377 B
ReStructuredText
13 lines
377 B
ReStructuredText
**Exception**
|
|
|
|
The audit rules for permission changes made with ``fremovexattr`` are disabled
|
|
by default as they can generate an excessive amount of logs in a short period
|
|
of time, especially during a deployment.
|
|
|
|
Deployers can enable auditing for ``fremovexattr`` usage by setting the
|
|
following Ansible variable:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_audit_DAC_fremovexattr: yes
|