Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Management of auditd is missing #182
Just to be sure (as this topic is totally new for me):
I'm getting these errors now
Is this issue here the cause of it and is #191 the solution?
@artem-sidorenko this happened on Ubuntu xenial on a VPS. In case that makes any difference.
$ sudo apt install auditd Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: audispd-plugins The following NEW packages will be installed: auditd 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B/192 kB of archives. After this operation, 626 kB of additional disk space will be used. Selecting previously unselected package auditd. (Reading database ... 49703 files and directories currently installed.) Preparing to unpack .../auditd_1%3a2.4.5-1ubuntu2.1_amd64.deb ... Unpacking auditd (1:2.4.5-1ubuntu2.1) ... Processing triggers for man-db (2.7.5-1) ... Processing triggers for systemd (229-4ubuntu21.1) ... Setting up auditd (1:2.4.5-1ubuntu2.1) ... update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults Job for auditd.service failed because the control process exited with error code. See "systemctl status auditd.service" and "journalctl -xe" for details. invoke-rc.d: initscript auditd, action "start" failed. ● auditd.service - Security Auditing Service Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Mit 2018-02-21 13:36:26 CET; 15ms ago Process: 14713 ExecStartPost=/sbin/auditctl -R /etc/audit/audit.rules (code=exited, status=0/SUCCESS) Process: 14712 ExecStart=/sbin/auditd -n (code=exited, status=1/FAILURE) Main PID: 14712 (code=exited, status=1/FAILURE) Feb 21 13:36:26 some.host.name auditd: Started dispatcher: /sbin/audispd pid: 14716 Feb 21 13:36:26 some.host.name audispd: priority_boost_parser called with: 4 dpkg: error processing package auditd (--configure): subprocess installed post-installation script returned error exit status 1 Processing triggers for systemd (229-4ubuntu21.1) ... Errors were encountered while processing: auditd E: Sub-process /usr/bin/dpkg returned an error code (1)
I will open another issue for making
@chris-rock usually yes - if it works, can be easily done and saves implementation/maintenance efforts. On the other side - if our own implementation ends up in just a simple template/service/file resource, when we should avoid the dependency from my view.