SHA256
1
0
forked from pool/audit
audit/change-default-log_group.patch
Marcus Meissner d19eedf2c5 Accepting request 867563 from home:ematsumiya:branches:security
- Create new "audit" group for read access to logs (bsc#1178154)
  * add change-default-log_group.patch
  * update audit-secondary.spec

OBS-URL: https://build.opensuse.org/request/show/867563
OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=116
2021-01-30 08:05:50 +00:00

22 lines
531 B
Diff

From: Enzo Matsumiya <ematsumiya@suse.de>
Date: Thu Jan 28 18:11:39 UTC 2021
References: bsc#1178154
Patch-mainline: Not yet, under review
Subject: change default log_group to "audit"
Change the default log_group to newly added "audit" group.
Signed-Off-by: Enzo Matsumiya <ematsumiya@suse.de>
--- a/init.d/auditd.conf
+++ b/init.d/auditd.conf
@@ -5,7 +5,7 @@
local_events = yes
write_logs = yes
log_file = /var/log/audit/audit.log
-log_group = root
+log_group = audit
log_format = RAW
flush = INCREMENTAL_ASYNC
freq = 50