From: Roy Li <rongqing...@windriver.com> Audit unit file is from https://fedorahosted.org/audit/browser/trunk/init.d/auditd.service
Signed-off-by: Roy Li <rongqing...@windriver.com> --- recipes-security/audit/audit/audit-volatile.conf | 1 + recipes-security/audit/audit/auditd.service | 21 +++++++++++++++++++++ recipes-security/audit/audit_2.3.2.bb | 18 ++++++++++++++++-- 3 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 recipes-security/audit/audit/audit-volatile.conf create mode 100644 recipes-security/audit/audit/auditd.service diff --git a/recipes-security/audit/audit/audit-volatile.conf b/recipes-security/audit/audit/audit-volatile.conf new file mode 100644 index 0000000..9cbe154 --- /dev/null +++ b/recipes-security/audit/audit/audit-volatile.conf @@ -0,0 +1 @@ +d /var/log/audit 0750 root root - diff --git a/recipes-security/audit/audit/auditd.service b/recipes-security/audit/audit/auditd.service new file mode 100644 index 0000000..6daa056 --- /dev/null +++ b/recipes-security/audit/audit/auditd.service @@ -0,0 +1,21 @@ +[Unit] +Description=Security Auditing Service +DefaultDependencies=no +After=local-fs.target +Conflicts=shutdown.target +Before=sysinit.target shutdown.target +After=systemd-tmpfiles-setup.service +RefuseManualStop=yes + +[Service] +ExecStart=/sbin/auditd -n +## To use augenrules, copy this file to /etc/systemd/system/auditd.service +## and uncomment the next line and delete/comment out the auditctl line. +## Then copy existing rules to /etc/audit/rules.d/ +## Not doing this last step can cause loss of existing rules +#ExecStartPost=-/sbin/augenrules --load +ExecStartPost=-/sbin/auditctl -R /etc/audit/rules.d/audit.rules +ExecReload=/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/recipes-security/audit/audit_2.3.2.bb b/recipes-security/audit/audit_2.3.2.bb index edcb881..eafcd30 100644 --- a/recipes-security/audit/audit_2.3.2.bb +++ b/recipes-security/audit/audit_2.3.2.bb @@ -14,14 +14,19 @@ SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-${PV}.tar.gz \ file://audit-python-configure.patch \ file://audit-for-cross-compiling.patch \ file://auditd \ - file://fix-swig-host-contamination.patch" + file://fix-swig-host-contamination.patch \ + file://auditd.service \ + file://audit-volatile.conf \ +" -inherit autotools pythonnative update-rc.d +inherit autotools pythonnative update-rc.d systemd UPDATERCPN = "auditd" INITSCRIPT_NAME = "auditd" INITSCRIPT_PARAMS = "defaults" +SYSTEMD_SERVICE_${PN} = "auditd.service" + SRC_URI[md5sum] = "4e8d065b5cc16b77b9b61e93a9ed160e" SRC_URI[sha256sum] = "8872e0b5392888789061db8034164305ef0e1b34543e1e7004d275f039081d29" @@ -74,4 +79,13 @@ do_install_append() { # replace init.d install -D -m 0755 ${S}/../auditd ${D}/etc/init.d/auditd rm -rf ${D}/etc/rc.d + + if ${@base_contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/tmpfiles.d/ + install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ + fi + + # install systemd unit files + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system } -- 1.7.10.4 _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto