diff options
author | Robin Green <greenrd@greenrd.org> | 2020-07-19 08:32:31 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-07-27 12:06:36 +0200 |
commit | 73cb3e103f35356b83cb091f15c536c21bf53981 (patch) | |
tree | c6f7af29b1313cafc8e54eb4943f10bb3f647b5d /gnu | |
parent | 79501f26ab6d82c0256ff786a5dfb0000b52ccd3 (diff) | |
download | guix-73cb3e103f35356b83cb091f15c536c21bf53981.tar.gz |
services: auditd: Provide default configuration directory.
* gnu/services/auditd.scm (auditd.conf) (%default-auditd-configuration-directory): New variables. (<auditd-configuration>): Switch to 'define-record-type*'. [configuration-directory]: New field. (auditd-shepherd-service): Honor 'configuration-directory'. Pass #:pid-file. (auditd-service-type)[description]: Tweak. [default-value]: Provide 'configuration-directory'. * doc/guix.texi (Miscellaneous Services): Update docs to reflect changes. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/services/auditd.scm | 41 |
1 files changed, 30 insertions, 11 deletions
diff --git a/gnu/services/auditd.scm b/gnu/services/auditd.scm index 8a9292015f..cffc226ec9 100644 --- a/gnu/services/auditd.scm +++ b/gnu/services/auditd.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2019 Danny Milosavljevic <dannym@scratchpost.org> +;;; Copyright © 2020 Robin Green <greenrd@greenrd.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -26,29 +27,47 @@ #:use-module (guix gexp) #:use-module (guix packages) #:export (auditd-configuration - auditd-service-type)) + auditd-service-type + %default-auditd-configuration-directory)) -; /etc/audit/audit.rules +(define auditd.conf + (plain-file "auditd.conf" "log_file = /var/log/audit.log\nlog_format = \ +ENRICHED\nfreq = 1\nspace_left = 5%\nspace_left_action = \ +syslog\nadmin_space_left_action = ignore\ndisk_full_action = \ +ignore\ndisk_error_action = syslog\n")) -(define-configuration auditd-configuration - (audit - (package audit) - "Audit package.")) +(define %default-auditd-configuration-directory + (computed-file "auditd" + #~(begin + (mkdir #$output) + (copy-file #$auditd.conf + (string-append #$output "/auditd.conf"))))) + +(define-record-type* <auditd-configuration> + auditd-configuration make-auditd-configuration + auditd-configuration? + (audit auditd-configuration-audit ; package + (default audit)) + (configuration-directory auditd-configuration-configuration-directory)) ; file-like (define (auditd-shepherd-service config) - (let* ((audit (auditd-configuration-audit config))) + (let* ((audit (auditd-configuration-audit config)) + (configuration-directory (auditd-configuration-configuration-directory config))) (list (shepherd-service - (documentation "Auditd allows you to audit file system accesses.") + (documentation "Auditd allows you to audit file system accesses and process execution.") (provision '(auditd)) (start #~(make-forkexec-constructor - (list (string-append #$audit "/sbin/auditd")))) + (list (string-append #$audit "/sbin/auditd") "-c" #$configuration-directory) + #:pid-file "/var/run/auditd.pid")) (stop #~(make-kill-destructor)))))) (define auditd-service-type (service-type (name 'auditd) - (description "Allows auditing file system accesses.") + (description "Allows auditing file system accesses and process execution.") (extensions (list (service-extension shepherd-root-service-type auditd-shepherd-service))) - (default-value (auditd-configuration)))) + (default-value + (auditd-configuration + (configuration-directory %default-auditd-configuration-directory))))) |