nspawn: only warn about audit when booting the container

[elogind.git] / src / nspawn / nspawn.c

diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index 33153c950777b7591c64c35536cafbf4e4072336..32cfe05dcd409f353a0f924b827ac78687298933 100644 (file)
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -39,6 +39,7 @@
 #include <sys/signalfd.h>
 #include <grp.h>
 #include <linux/fs.h>
+#include <linux/netlink.h>
 #include <sys/un.h>
 #include <sys/socket.h>
 
@@ -1220,7 +1221,6 @@ finish:
 }
 
 static bool audit_enabled(void) {
-#ifdef HAVE_AUDIT
         int fd;
 
         fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_AUDIT);
@@ -1228,7 +1228,6 @@ static bool audit_enabled(void) {
                 close_nointr_nofail(fd);
                 return true;
         }
-#endif
         return false;
 }
 
@@ -1297,7 +1296,7 @@ int main(int argc, char *argv[]) {
                 goto finish;
         }
 
-        if (audit_enabled()) {
+        if (arg_boot && audit_enabled()) {
                 log_warning("The kernel auditing subsystem is known to be incompatible with containers.\n"
                             "Please make sure to turn off auditing with 'audit=0' on the kernel command\n"
                             "line before using systemd-nspawn. Sleeping for 5s...\n");