From: Frank Brehm Date: Sat, 17 Dec 2016 17:44:30 +0000 (+0100) Subject: saving uncommitted changes in /etc prior to emerge run X-Git-Url: https://git.uhu-banane.org/?a=commitdiff_plain;h=6148e47f9d1eabaf4079839e527243e5b655f686;p=config%2Fbruni%2Fetc.git saving uncommitted changes in /etc prior to emerge run --- diff --git a/audisp/audisp-remote.conf b/audisp/audisp-remote.conf index 70d8a992..c7d1562a 100644 --- a/audisp/audisp-remote.conf +++ b/audisp/audisp-remote.conf @@ -18,11 +18,12 @@ heartbeat_timeout = 0 network_failure_action = stop disk_low_action = ignore -disk_full_action = ignore -disk_error_action = syslog +disk_full_action = warn_once +disk_error_action = warn_once remote_ending_action = reconnect generic_error_action = syslog generic_warning_action = syslog +queue_error = stop overflow_action = syslog ##enable_krb5 = no diff --git a/audisp/plugins.d/syslog.conf b/audisp/plugins.d/syslog.conf index d603b2f2..7d7dbd7e 100644 --- a/audisp/plugins.d/syslog.conf +++ b/audisp/plugins.d/syslog.conf @@ -3,7 +3,8 @@ # arguments provided can be the default priority that you # want the events written with. And optionally, you can give # a second argument indicating the facility that you want events -# logged to. Valid options are LOG_LOCAL0 through 7. +# logged to. Valid options are LOG_LOCAL0 through 7, LOG_AUTH, +# LOG_AUTHPRIV, LOG_DAEMON, LOG_SYSLOG, and LOG_USER. active = no direction = out diff --git a/audit/audit-stop.rules b/audit/audit-stop.rules new file mode 100644 index 00000000..7e23cff4 --- /dev/null +++ b/audit/audit-stop.rules @@ -0,0 +1,8 @@ +# These rules are loaded when the audit daemon stops +# if configured to do so. + +# Disable auditing +-e 0 + +# Delete all rules +-D diff --git a/audit/auditd.conf b/audit/auditd.conf index fdc93f0e..50fbde81 100644 --- a/audit/auditd.conf +++ b/audit/auditd.conf @@ -2,18 +2,20 @@ # This file controls the configuration of the audit daemon # +local_events = yes +write_logs = yes log_file = /var/log/audit/audit.log -log_format = RAW log_group = root -priority_boost = 4 -flush = INCREMENTAL -freq = 20 +log_format = RAW +flush = INCREMENTAL_ASYNC +freq = 50 +max_log_file = 8 num_logs = 5 +priority_boost = 4 disp_qos = lossy dispatcher = /sbin/audispd name_format = NONE ##name = mydomain -max_log_file = 6 max_log_file_action = ROTATE space_left = 75 space_left_action = SYSLOG @@ -22,6 +24,7 @@ admin_space_left = 50 admin_space_left_action = SUSPEND disk_full_action = SUSPEND disk_error_action = SUSPEND +use_libwrap = yes ##tcp_listen_port = tcp_listen_queue = 5 tcp_max_per_addr = 1 @@ -30,3 +33,4 @@ tcp_client_max_idle = 0 enable_krb5 = no krb5_principal = auditd ##krb5_key_file = /etc/audit/audit.key +distribute_network = no