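# NixOS module for the Linux Audit daemon (auditd): exposes a single
# `security.auditd.enable` switch and, when set, boots with auditing on,
# installs the audit tools and runs auditd as an early-boot systemd unit.
{
  config,
  lib,
  pkgs,
  ...
}:

{
  options.security.auditd.enable = lib.mkEnableOption "the Linux Audit daemon";

  config = lib.mkIf config.security.auditd.enable {
    # Enable the kernel audit subsystem from boot so that events emitted
    # before auditd itself starts are not lost.
    boot.kernelParams = [ "audit=1" ];

    environment.systemPackages = [ pkgs.audit ];

    systemd.services.auditd = {
      description = "Linux Audit daemon";
      documentation = [ "man:auditd(8)" ];
      wantedBy = [ "sysinit.target" ];
      after = [
        "local-fs.target"
        "systemd-tmpfiles-setup.service"
      ];
      before = [
        "sysinit.target"
        "shutdown.target"
      ];
      conflicts = [ "shutdown.target" ];

      unitConfig = {
        # Auditing is a host-wide kernel facility: do not start inside
        # containers, and only on kernels that expose audit support.
        ConditionVirtualization = "!container";
        ConditionSecurity = [ "audit" ];
        # Early-boot unit: ordering is spelled out above instead of relying
        # on the implicit default dependencies.
        DefaultDependencies = false;
      };

      path = [ pkgs.audit ];

      serviceConfig = {
        # Create the log directory with a restrictive mode (0700, as upstream
        # audit packaging does) so audit records are not world-traversable.
        # `-m` only takes effect when mkdir creates the directory; a
        # pre-existing /var/log/audit keeps whatever mode it already has.
        ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p -m 0700 /var/log/audit";
        # -l: allow symlinked config files; -n: do not fork (systemd
        # supervises the process); -s nochange: leave the kernel's audit
        # enabled flag as set by the audit=1 kernel parameter.
        ExecStart = "${pkgs.audit}/bin/auditd -l -n -s nochange";
      };
    };
  };
}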