author | Danny Milosavljevic <dannym@scratchpost.org> | 2019-06-04 09:27:43 +0200 |
---|---|---|
committer | Danny Milosavljevic <dannym@scratchpost.org> | 2019-06-06 22:23:35 +0200 |
commit | 07023ebc1892a559cad1f80235a4afb0955b29ab (patch) | |
tree | f6af29e13e89e0b79840f133219c2150bbcb350c /gnu/services | |
parent | 850f7873452a8936c5cdb5206aac728e18c44d4c (diff) | |
services: Add auditd.
* gnu/services/auditd.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
* doc/guix.texi (Miscellaneous Services): Document it.
Diffstat (limited to 'gnu/services')
-rw-r--r-- | gnu/services/auditd.scm | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/gnu/services/auditd.scm b/gnu/services/auditd.scm
new file mode 100644
index 0000000000..8a9292015f
--- /dev/null
+++ b/gnu/services/auditd.scm
@@ -0,0 +1,54 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2019 Danny Milosavljevic <dannym@scratchpost.org>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu services auditd)
+ #:use-module (gnu services)
+ #:use-module (gnu services configuration)
+ #:use-module (gnu services base)
+ #:use-module (gnu services shepherd)
+ #:use-module (gnu packages admin)
+ #:use-module (guix records)
+ #:use-module (guix gexp)
+ #:use-module (guix packages)
+ #:export (auditd-configuration
+ auditd-service-type))
+
+; /etc/audit/audit.rules
+
+(define-configuration auditd-configuration
+ (audit
+ (package audit)
+ "Audit package."))
+
+(define (auditd-shepherd-service config)
+ (let* ((audit (auditd-configuration-audit config)))
+ (list (shepherd-service
+ (documentation "Auditd allows you to audit file system accesses.")
+ (provision '(auditd))
+ (start #~(make-forkexec-constructor
+ (list (string-append #$audit "/sbin/auditd"))))
+ (stop #~(make-kill-destructor))))))
+
+(define auditd-service-type
+ (service-type (name 'auditd)
+ (description "Allows auditing file system accesses.")
+ (extensions
+ (list
+ (service-extension shepherd-root-service-type
+ auditd-shepherd-service)))
+ (default-value (auditd-configuration)))) |
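Review bot: The `start` constructor in `auditd-shepherd-service` runs `auditd` with no arguments, and auditd forks into the background by default, so shepherd would likely track the short-lived parent process rather than the daemon. The service could then be reported as stopped or be respawned, while `make-kill-destructor` signals a PID that no longer exists. For an audit daemon this matters, because an unsupervised or silently dead auditd leaves a gap in the audit trail that nobody is told about. Keeping the daemon in the foreground would avoid it: `(list (string-append #$audit "/sbin/auditd") "-n")`. Separately, `auditd-configuration` has only the `audit` package field and the lone `; /etc/audit/audit.rules` comment explains nothing, so a comment such as `;; TODO: no auditd.conf or audit.rules is generated yet; auditd uses whatever already exists under /etc/audit` would make that limitation explicit.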