linuxkit

github/linuxkit

Fork 0

mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-21 01:59:07 +00:00

Commit Graph

Author	SHA1	Message	Date
Tycho Andersen	44cbd38650	add an auditd container Two things to note here: we unfortunately can't just exec audit, because something needs to load the rules in beforehand. Second, it also dies if it can't re-nice itself, so we have to give it CAP_SYS_NICE as well as the audit caps. I didn't add this to the default linuxkit.yml because the linuxkit/audit repo doesn't exist yet, but we should probably (?) do that. Additionally, we should provide the kernel parameter audit=1, otherwise according to auditd's man pages, we can't audit some early tasks. Closes #52 Signed-off-by: Tycho Andersen <tycho@docker.com>	2017-06-28 09:15:51 -06:00

Author

SHA1

Message

Date

Tycho Andersen

44cbd38650

add an auditd container

Two things to note here: we unfortunately can't just exec audit, because
something needs to load the rules in beforehand.

Second, it also dies if it can't re-nice itself, so we have to give it
CAP_SYS_NICE as well as the audit caps.

I didn't add this to the default linuxkit.yml because the linuxkit/audit
repo doesn't exist yet, but we should probably (?) do that. Additionally,
we should provide the kernel parameter audit=1, otherwise according to
auditd's man pages, we can't audit some early tasks.

Closes #52

Signed-off-by: Tycho Andersen <tycho@docker.com>

2017-06-28 09:15:51 -06:00

1 Commits