target,{base,}sdk: Drop auditd (!180) · Merge requests · infrastructure / apertis-image-recipes

Emanuele Aina requested to merge wip/em/drop-auditd into apertis/v2020dev0 Sep 09, 2019

The audit log can now be retrieved from the systemd journal and most if not all the testcases have been switched to do that.

On the ostree images the auditd.service is failing because /var/log/audit is not being created on boot.

# systemctl status auditd.service
● auditd.service - Security Auditing Service
   Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2019-09-05 22:55:59 UTC; 20s ago
     Docs: man:auditd(8)
	   https://github.com/linux-audit/audit-documentation
  Process: 335 ExecStart=/sbin/auditd (code=exited, status=6)

Sep 05 22:55:59 apertis systemd[1]: Starting Security Auditing Service...
Sep 05 22:55:59 apertis auditd[335]: Could not open dir /var/log/audit (No such file or directory)
Sep 05 22:55:59 apertis auditd[335]: The audit daemon is exiting.
Sep 05 22:55:59 apertis systemd[1]: auditd.service: Control process exited, code=exited, status=6/NOTCONFIGURED
Sep 05 22:55:59 apertis systemd[1]: auditd.service: Failed with result 'exit-code'.
Sep 05 22:55:59 apertis systemd[1]: Failed to start Security Auditing Service.

Any remaining non-ostree testcase still using audit.log can be ported to the journal as the longer term solution or it can add a dependency on the auditd package in the short term.

Admin message

target,{base,}sdk: Drop auditd

Merge request reports