infrastructure/ansible-ops-management
7
1
Fork 0
Code Issues Pull Requests Projects Releases Activity

add stime audit rule

Browse Source
This commit is contained in:
Louis Abel 2024-04-08 11:57:14 -07:00
parent cfdb44c204
commit 347dc10d88
Signed by: label
GPG Key ID: 2A6975660E424560
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
templates/etc/audit/rules.d/collection.rules.j2
View File

@ -3,6 +3,7 @@
-a always,exit -F arch=b64 -S adjtimex,settimeofday,clock_settime -k time-change
-a always,exit -F arch=b32 -S adjtimex,settimeofday,clock_settime -k time-change
-a always,exit -F arch=b32 -S stime -F key=audit_time_rule
-w /etc/localtime -p wa -k time-change
## Records when events occur that modify user and group passwords and ID's