audit-secondary/change-default-log_group.patch

22 lines
536 B
Diff

From: Enzo Matsumiya <ematsumiya@suse.de>
Date: Thu Jan 28 18:11:39 UTC 2021
References: bsc#1178154
Patch-mainline: Not yet, under review
Subject: change default log_group to "audit"
Change the default log_group to newly added "audit" group.
Signed-Off-by: Enzo Matsumiya <ematsumiya@suse.de>
--- a/init.d/auditd.conf
+++ b/init.d/auditd.conf
@@ -5,7 +5,7 @@
local_events = yes
write_logs = yes
log_file = /var/log/audit/audit.log
-log_group = root
+log_group = audit
log_format = ENRICHED
flush = INCREMENTAL_ASYNC
freq = 50