Skip to content

Commit

Permalink
auditd.service: Restart 'on-failure', ignoring some exit codes (linux…
Browse files Browse the repository at this point in the history 
…-audit#217)

Use `Restart=on-failure` to automatically restart `auditd`. Do not
restart for intentional exits. See EXIT CODES section in auditd(8).

See:
- https://www.freedesktop.org/software/systemd/man/systemd.service.html#Restart=
- https://www.freedesktop.org/software/systemd/man/systemd.service.html#RestartPreventExitStatus=

Fixes: linux-audit#211
  • Loading branch information
@travier
travier authored Oct 1, 2021
1 parent df41c5d commit 30382bf
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions init.d/auditd.service
View file
Original file line number Diff line number Diff line change
@@ -27,6 +27,9 @@ ExecStartPost=-/sbin/augenrules --load
# By default we don't clear the rules on exit. To enable this, uncomment
# the next line after copying the file to /etc/systemd/system/auditd.service
#ExecStopPost=/sbin/auditctl -R /etc/audit/audit-stop.rules
Restart=on-failure
# Do not restart for intentional exits. See EXIT CODES section in auditd(8).
RestartPreventExitStatus=2 4 6

### Security Settings ###
MemoryDenyWriteExecute=true

0 comments on commit 30382bf

Please sign in to comment.