Various components were failing, and upon investigation it was noted that the audit.rules file referenced by the initscript wasn't available.
There was however a copy under the rules.d directory. Investigating the audit.spec file (which in the upstream source) showed that it was expected that the version in the rules.d should be copied into /etc/audit. Do this and correct the systemd services file to use the same file. Signed-off-by: Mark Hatle <mark.ha...@windriver.com> --- recipes-security/audit/audit/auditd.service | 2 +- recipes-security/audit/audit_2.3.2.bb | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/recipes-security/audit/audit/auditd.service b/recipes-security/audit/audit/auditd.service index 6daa056..adf4d3b 100644 --- a/recipes-security/audit/audit/auditd.service +++ b/recipes-security/audit/audit/auditd.service @@ -14,7 +14,7 @@ ExecStart=/sbin/auditd -n ## Then copy existing rules to /etc/audit/rules.d/ ## Not doing this last step can cause loss of existing rules #ExecStartPost=-/sbin/augenrules --load -ExecStartPost=-/sbin/auditctl -R /etc/audit/rules.d/audit.rules +ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules ExecReload=/bin/kill -HUP $MAINPID [Install] diff --git a/recipes-security/audit/audit_2.3.2.bb b/recipes-security/audit/audit_2.3.2.bb index 4a9c954..ae6556f 100644 --- a/recipes-security/audit/audit_2.3.2.bb +++ b/recipes-security/audit/audit_2.3.2.bb @@ -67,6 +67,8 @@ FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug" FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}" FILES_${PN}-dev += "${base_libdir}/*.so ${base_libdir}/*.la" +CONFFILES_auditd += "${sysconfdir}/audit/audit.rules" + do_install_append() { rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la @@ -91,4 +93,7 @@ do_install_append() { chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules + + # Based on the audit.spec "Copy default rules into place on new installation" + cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules } -- 1.8.5.3 -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto