auditd job from os-conf/20
Github source:
a395af3
or
master branch
Properties¶
rules
¶
Array of auditd rules to add. Note that this job does not update rules after rules are installed for the first time. Removal of a job does not remove rules. For new rules to be applied you must force VM recreation. This behaviour is due to auditd going into its immutable state.
- Default
[]
- Example
-
- -a always,exit -F perm=x -F auid>=500 -F auid!=4294967295 -F path=/usr/bin/who -k privileged
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/auditd/
directory
(learn more).
bin/pre-start
(frompre-start
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.
This job relies on no runtime packages.