From df5afa4fcd9725380f94ca6476248d4cc24f889a Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Sun, 29 Nov 2015 08:22:13 -0800 Subject: v2.4.4 audit sources Change-Id: I9315a7408817db51edf084fb4d27fbb492785084 Signed-off-by: Ashlee Young --- .../src/audit/audisp/plugins/builtins/Makefile.am | 39 ++++++++++++++++++++++ .../src/audit/audisp/plugins/builtins/af_unix.conf | 14 ++++++++ .../src/audit/audisp/plugins/builtins/syslog.conf | 13 ++++++++ 3 files changed, 66 insertions(+) create mode 100644 framework/src/audit/audisp/plugins/builtins/Makefile.am create mode 100644 framework/src/audit/audisp/plugins/builtins/af_unix.conf create mode 100644 framework/src/audit/audisp/plugins/builtins/syslog.conf (limited to 'framework/src/audit/audisp/plugins/builtins') diff --git a/framework/src/audit/audisp/plugins/builtins/Makefile.am b/framework/src/audit/audisp/plugins/builtins/Makefile.am new file mode 100644 index 00000000..713dee86 --- /dev/null +++ b/framework/src/audit/audisp/plugins/builtins/Makefile.am @@ -0,0 +1,39 @@ +# Makefile.am-- +# Copyright 2007 Red Hat Inc., Durham, North Carolina. +# All Rights Reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Authors: +# Steve Grubb +# + +CONFIG_CLEAN_FILES = *.rej *.orig +CONF_FILES = af_unix.conf syslog.conf +EXTRA_DIST = $(CONF_FILES) +plugin_confdir=$(sysconfdir)/audisp/plugins.d + +install-data-hook: + mkdir -p -m 0750 ${DESTDIR}${plugin_confdir} + for i in $(CONF_FILES); do \ + $(INSTALL_DATA) -D -m 640 ${srcdir}/"$$i" \ + ${DESTDIR}${plugin_confdir}; \ + done + +uninstall-hook: + for i in $(CONF_FILES); do \ + rm ${DESTDIR}${plugin_confdir}/"$$i"; \ + done + diff --git a/framework/src/audit/audisp/plugins/builtins/af_unix.conf b/framework/src/audit/audisp/plugins/builtins/af_unix.conf new file mode 100644 index 00000000..a5ba8b1f --- /dev/null +++ b/framework/src/audit/audisp/plugins/builtins/af_unix.conf @@ -0,0 +1,14 @@ + +# This file controls the configuration of the +# af_unix socket plugin. It simply takes events +# and writes them to a unix domain socket. This +# plugin can take 2 arguments, the path for the +# socket and the socket permissions in octal. + +active = no +direction = out +path = builtin_af_unix +type = builtin +args = 0640 /var/run/audispd_events +format = string + diff --git a/framework/src/audit/audisp/plugins/builtins/syslog.conf b/framework/src/audit/audisp/plugins/builtins/syslog.conf new file mode 100644 index 00000000..d603b2f2 --- /dev/null +++ b/framework/src/audit/audisp/plugins/builtins/syslog.conf @@ -0,0 +1,13 @@ +# This file controls the configuration of the syslog plugin. +# It simply takes events and writes them to syslog. The +# arguments provided can be the default priority that you +# want the events written with. And optionally, you can give +# a second argument indicating the facility that you want events +# logged to. Valid options are LOG_LOCAL0 through 7. + +active = no +direction = out +path = builtin_syslog +type = builtin +args = LOG_INFO +format = string -- cgit 1.2.3-korg