forked from ~ljy/RK356X_SDK_RELEASE
blame | history | raw
hc
2024-01-31 f70575805708cabdedea7498aaa3f710fde4d920 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

[Unit]


Description=Security Auditing Service


DefaultDependencies=no


After=local-fs.target systemd-tmpfiles-setup.service


Before=sysinit.target shutdown.target


Conflicts=shutdown.target


ConditionKernelCommandLine=!audit=0


 


[Service]


Type=forking


PIDFile=/run/auditd.pid


ExecStart=/sbin/auditd


## To use augenrules, uncomment the next line and comment/delete the auditctl line.


## NOTE: augenrules expect any rules to be added to /etc/audit/rules.d/


#ExecStartPost=-/sbin/augenrules --load


ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules


# By default we don't clear the rules on exit.


# To enable this, uncomment the next line.


#ExecStopPost=/sbin/auditctl -R /etc/audit/audit-stop.rules


 


### Security Settings ###


MemoryDenyWriteExecute=true


LockPersonality=true


ProtectControlGroups=true


ProtectKernelModules=true


 


[Install]


WantedBy=multi-user.target