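# NixOS module for the Linux Audit daemon (auditd): enables kernel auditing at
# boot and runs auditd as a systemd service.
{ config, lib, pkgs, ... }:

with lib;

{
  options.security.auditd.enable = mkEnableOption "the Linux Audit daemon";

  config = mkIf config.security.auditd.enable {
    # Turn on kernel-side auditing from boot so events queue before the daemon
    # is up; auditd is started with "-s nochange" below and relies on this.
    boot.kernelParams = [ "audit=1" ];

    # Make the audit userspace tools available system-wide.
    environment.systemPackages = [ pkgs.audit ];

    systemd.services.auditd = {
      description = "Linux Audit daemon";
      wantedBy = [ "basic.target" ];
      # Stop the daemon cleanly as part of shutdown.
      before = [ "shutdown.target" ];
      conflicts = [ "shutdown.target" ];

      unitConfig = {
        # Auditing is a host-kernel feature: skip inside containers and on
        # kernels without audit support.
        ConditionVirtualization = "!container";
        ConditionSecurity = [ "audit" ];
        # Drop the implicit sysinit/basic ordering so the unit can start early.
        DefaultDependencies = false;
      };

      path = [ pkgs.audit ];

      serviceConfig = {
        # Create the log directory root-only (0700) so non-root users cannot
        # list or read audit logs; a pre-existing directory keeps its mode.
        ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p -m 0700 /var/log/audit";
        # -l: allow following symlinks for config files; -n: do not fork, stay
        # in the foreground for systemd; -s nochange: leave the kernel audit
        # enable flag as set by the audit=1 boot parameter.
        ExecStart = "${pkgs.audit}/bin/auditd -l -n -s nochange";
      };
    };
  };
}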