auditd job from os-conf/22.3.0
Github source:
64d1ff6
or
master branch
Properties¶
pre_start_delay
¶
The number of seconds to delay running the pre-start script. This can be used, for example, to avoid a race condition with other pre-start scripts, such as IPsec’s, that can prevent auditd From starting
- Default
0
- Example
-
30
rules
¶
Array of auditd rules to add. Note that this job does not update rules after rules are installed for the first time. Removal of a job does not remove rules. For new rules to be applied you must force VM recreation. This behaviour is due to auditd going into its immutable state.
- Default
[]
- Example
-
- -a always,exit -F perm=x -F auid>=500 -F auid!=4294967295 -F path=/usr/bin/who -k privileged
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/auditd/
directory
(learn more).
bin/pre-start
(frompre-start
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.
This job relies on no runtime packages.