GNU bug report logs - #54309
[PATCH] services: auditd: use exclusive log directory for auditd


Package: guix-patches;

Reported by: fesoj000 <fesoj000 <at> gmail.com>

Date: Wed, 9 Mar 2022 19:22:02 UTC

Severity: normal

Tags: patch


From: Maxime Devos <maximedevos <at> telenet.be>
To: fesoj000 <fesoj000 <at> gmail.com>, 54309 <at> debbugs.gnu.org
Subject: [bug#54309] [PATCH] services: auditd: use exclusive log directory for auditd
Date: Wed, 09 Mar 2022 20:36:09 +0100
fesoj000 wrote on Wed 09-03-2022 at 20:21 [+0100]:
> Currently auditd writes logs to /var/log/audit.log. This is a problem because
> auditd changes the permissions of the directory audit.log lives in to
> 700.

Why is auditd doing this?  Can this behaviour be patched out? Is there
an upstream report?

> /var/log usually has 755, this is assumed by some services. postgresql
> for example, fails when used together with auditd.

Why does postgresql care about the group and other bits?
Could postgresql be modified not to care?

What are the reasons for changing the group and other bits?
Perhaps that should be done by default by Guix when creating
/var/log (POLA)?

In any case, I would recommend adding to auditd.scm to make clear
why the default log location is unacceptable.

Greetings,
Maxime.

This bug report was last modified 3 years and 85 days ago.
