Bug 227984

Summary: WITHOUT_AUDIT does not function as expected
Product: Base System
Reporter: rozhuk.im
Component: conf
Assignee: freebsd-bugs mailing list <bugs>
Status: Open ---
Severity: Affects Many People
CC: aniketp, asomers, emaste, kpect, rozhuk.im
Priority: ---
Version: CURRENT
Hardware: Any
OS: Any
Bug Depends on: 233046
Bug Blocks:

Description rozhuk.im 2018-05-05 02:26:04 UTC
/etc/src.conf:
WITHOUT_AUDIT=

System rebuilt,
yes | make delete-old
does not remove rc.d files, /etc/security/audit_* and probably some other files.
Comment 2 Ed Maste freebsd_committer 2018-05-05 15:56:11 UTC
src.conf(5) documents the *_AUDIT knob as:

     WITHOUT_AUDIT
             Set to not build audit support into system programs.

It appears to have two effects:
- controls whether sshd, su, login, id are built with audit support
- controls whether audit, auditd, auditdistd, auditreduce, praudit are built and installed
Comment 3 Alan Somers freebsd_committer 2018-06-11 16:34:49 UTC
I think rozhuk's complaint is valid, though his test method isn't.  There are plenty of other files in etc that are gated by src.conf knobs: ntp, blacklistd, etc.  The audit-related files should be so gated, too.  However, even if they were, "make delete-old" wouldn't remove them.  "make delete-old" only removes files that are no longer needed on any configuration, regardless of src.conf knobs.
Comment 4 Ed Maste freebsd_committer 2018-06-12 01:20:20 UTC
(In reply to Alan Somers from comment #3)
Agreed, my point is just that the description for WITHOUT_AUDIT does not indicate it will remove the audit binaries/files - the documentation will need updating as well if/when this is fixed.
Comment 5 rozhuk.im 2018-06-12 14:49:34 UTC
(In reply to Alan Somers from comment #3)
But it removes the bin file, so the rc.d script does not work.
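
The state described in comments 3 and 5 (audit binaries absent while the rc.d scripts and /etc/security/audit_* files remain) can be checked on an installed system or a mounted image. This is an added example, not part of the bug thread or of FreeBSD's own code; the function name `audit_leftovers` is hypothetical, and the locations `/usr/sbin/auditd`, `/usr/sbin/auditdistd` and `/etc/rc.d/<daemon>` are assumptions about a stock layout.

```shell
#!/bin/sh
# Added example: report audit files left behind when the audit daemons
# were not installed (e.g. a world built with WITHOUT_AUDIT).
# Binary and rc.d locations are assumptions about a stock FreeBSD layout.

# audit_leftovers [ROOT]
#   ROOT is an optional path prefix (a mounted image or jail root).
#   Prints one line per leftover file; returns 1 if any were found, else 0.
audit_leftovers() {
    root=${1:-}
    found=0

    # An rc.d script with no daemon binary behind it cannot start anything.
    for daemon in auditd auditdistd; do
        script="$root/etc/rc.d/$daemon"
        binary="$root/usr/sbin/$daemon"
        if [ -e "$script" ] && [ ! -x "$binary" ]; then
            echo "orphan rc.d script: $script (missing $binary)"
            found=1
        fi
    done

    # Configuration under /etc/security/audit_* is only meaningful to auditd.
    if [ ! -x "$root/usr/sbin/auditd" ]; then
        for f in "$root"/etc/security/audit_*; do
            [ -e "$f" ] || continue   # glob matched nothing
            echo "leftover config: $f"
            found=1
        done
    fi

    return "$found"
}
```

Call it as `audit_leftovers` for the running system or `audit_leftovers /mnt` for a mounted root; a non-zero return means files were reported.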