nixos/auditd: add package option

Acid Bong 2026-01-03 14:05:39 +02:00
parent 80187003fb
commit 9eefef046e


@ -101,6 +101,8 @@ in
options.security.auditd = {
enable = lib.mkEnableOption "the Linux Audit daemon";
package = lib.mkPackageOption pkgs "auditd" { default = "audit"; };
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = lib.types.attrsOf settingsType;
@ -146,7 +148,7 @@ in
defaultText = lib.literalExpression ''
{
af_unix = {
path = lib.getExe' pkgs.audit "audisp-af_unix";
path = lib.getExe' config.security.auditd.package "audisp-af_unix";
args = [
"0640"
"/var/run/audispd_events"
@ -155,15 +157,15 @@ in
format = "binary";
};
remote = {
path = lib.getExe' pkgs.audit "audisp-remote";
path = lib.getExe' config.security.auditd.package "audisp-remote";
settings = { };
};
filter = {
path = lib.getExe' pkgs.audit "audisp-filter";
path = lib.getExe' config.security.auditd.package "audisp-filter";
args = [
"allowlist"
"/etc/audit/audisp-filter.conf"
(lib.getExe' pkgs.audit "audisp-syslog")
(lib.getExe' config.security.auditd.package "audisp-syslog")
"LOG_USER"
"LOG_INFO"
"interpret"
@ -171,7 +173,7 @@ in
settings = { };
};
syslog = {
path = lib.getExe' pkgs.audit "audisp-syslog";
path = lib.getExe' config.security.auditd.package "audisp-syslog";
args = [ "LOG_INFO" ];
};
}
@ -226,7 +228,7 @@ in
security.auditd.plugins = {
af_unix = {
path = lib.getExe' pkgs.audit "audisp-af_unix";
path = lib.getExe' cfg.package "audisp-af_unix";
args = [
"0640"
"/run/audit/audispd_events"
@ -235,15 +237,15 @@ in
format = "binary";
};
remote = {
path = lib.getExe' pkgs.audit "audisp-remote";
path = lib.getExe' cfg.package "audisp-remote";
settings = { };
};
filter = {
path = lib.getExe' pkgs.audit "audisp-filter";
path = lib.getExe' cfg.package "audisp-filter";
args = [
"allowlist"
"/etc/audit/audisp-filter.conf"
(lib.getExe' pkgs.audit "audisp-syslog")
(lib.getExe' cfg.package "audisp-syslog")
"LOG_USER"
"LOG_INFO"
"interpret"
@ -251,12 +253,12 @@ in
settings = { };
};
syslog = {
path = lib.getExe' pkgs.audit "audisp-syslog";
path = lib.getExe' cfg.package "audisp-syslog";
args = [ "LOG_INFO" ];
};
};
systemd.packages = [ pkgs.audit.out ];
systemd.packages = [ cfg.package.out ];
systemd.services.auditd = {
wantedBy = [ "multi-user.target" ];
@ -271,7 +273,7 @@ in
ExecStart = [
# the upstream unit does not allow symlinks, so clear and rewrite the ExecStart
""
"${lib.getExe' pkgs.audit "auditd"} -l -s nochange"
"${lib.getExe' cfg.package "auditd"} -l -s nochange"
];
};
};
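Review bot: The new `package` option is threaded through the plugin defaults, `systemd.packages` and the `ExecStart` override, but these hunks do not show the rest of the module; if it still references `pkgs.audit` anywhere else (for example for `auditctl`/`augenrules` rule loading or `environment.systemPackages`), a user-supplied package would replace the daemon only partially, so the remainder of the file should be checked. In the last hunk the upstream unit is now taken from `cfg.package.out` and then patched with `ExecStart = [ "" … ]`, which silently assumes the selected package ships an `auditd.service` plus the `audisp-*` plugins referenced in the defaults; making that explicit in the option, e.g. `extraDescription = "The package must provide the auditd systemd unit and the audisp-* plugins.";` on the `mkPackageOption` call in the first hunk, would spare anyone overriding it a confusing activation failure. The `defaultText` hunks spell `config.security.auditd.package` while the live defaults use `cfg.package`; that is the right choice for rendered documentation, but a one-line comment at the first `defaultText` such as `# defaultText is rendered for users, so use the full option path rather than cfg` would keep a later maintainer from "fixing" the inconsistency.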