There are no major changes this week just a few useful new features added to the systemd and auditd components. Here are the full details…

Systemd presets

As noted last week the LCFG systemd component has now gained support for configuring service presets. This week see the introduction of the new schema and the upgrade of the component package on Ubuntu Focal. Currently there are no standard presets in the LCFG configuration, we will discuss the addition of default settings at a future LCFG monthly meeting.

Linux audit daemon

The auditd component has gained support for specifying additional files which should be monitored for any access (either read, write, execute or changes to attributes). This is done like:

!auditd.watch_files               mADD(ssh)
!auditd.watch_path_ssh            mSET(/usr/bin/ssh)
!auditd.watch_perms_ssh           mSET(aw)
!auditd.watch_key_ssh             mSET(CMD_ssh)

This example would cause the audit daeamon to monitor the ssh client binary for any changes to the contents or attributes.

The key is a simple string which is used to tag any matching events. The permissions are one or more of: r – read of the file, w – write to the file, x – execute the file, a – change in the file’s attribute. See the audit.rules(7) manual page for full details.

Support for this new feature will be completed next week when the new component package is added.

AFS scripts dependencies

There is a new dice/options/afs-scripts.h header which can be used to include all the Perl dependencies for our local AFS scripts. These packages were previously only included on CO desktop machines. The new header makes it possible to include the packages on any DICE machine.

tcsh

Fans of the ancient C shell will be pleased to hear that tcsh is now available on DICE Ubuntu machines.

Weekly Changes – 15/11/2021 / LCFG Project by blogadmin is licensed under a Creative Commons Attribution CC BY 3.0