From 6e66b90ea5f6ee5d40812f1d68b7ac5a10653be9 Mon Sep 17 00:00:00 2001 From: Michael Marineau Date: Wed, 29 Jul 2015 19:07:06 -0700 Subject: [PATCH] profiles: enable audit in systemd and the kernel --- .../profiles/coreos/targets/generic/package.use | 5 ++++- .../coreos-overlay/sys-process/audit/audit-2.4.3.ebuild | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use index b8ed7f9a87..ba5b3db9e7 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/targets/generic/package.use @@ -23,7 +23,7 @@ sys-libs/pam -berkdb sys-libs/gdbm berkdb # enable journal gateway and container features, avoid pulling in gnutls -sys-apps/systemd importd http nat -ssl +sys-apps/systemd audit importd http nat -ssl net-libs/libmicrohttpd -ssl sys-boot/syslinux -custom-cflags @@ -35,3 +35,6 @@ dev-util/pkgconfig internal-glib # minimize risk removing unneeded patches and networking support app-shells/bash -net vanilla + +# enable audit subsystem by default +sys-kernel/coreos-kernel audit diff --git a/sdk_container/src/third_party/coreos-overlay/sys-process/audit/audit-2.4.3.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-process/audit/audit-2.4.3.ebuild index 71190d49fc..81bb48a8a6 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-process/audit/audit-2.4.3.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-process/audit/audit-2.4.3.ebuild @@ -14,7 +14,7 @@ SRC_URI="http://people.redhat.com/sgrubb/audit/${P}.tar.gz" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" +KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" IUSE="daemon ldap python" # Testcases are pretty useless as they are built for RedHat users/groups and # kernels.