367 B
367 B
Exception
The audit rules for permission changes made with
setxattr
are disabled by default as they can generate an
excessive amount of logs in a short period of time, especially during a
deployment.
Deployers can enable auditing for lsetxattr
usage by
setting the following Ansible variable:
security_audit_DAC_lsetxattr: yes