auditd.service

This unit is provided by:

• https://archlinux.org/packages/core/x86_64/audit/

• https://packages.debian.org/unstable/auditd

• https://packages.fedoraproject.org/pkgs/audit/

• https://software.opensuse.org/package/audit

Options

• [Install]
  • WantedBy=multi-user.target
• [Service]
  • ExecStart=/sbin/auditd
  • ExecStartPost=-/sbin/augenrules --load
  • ExecStopPost=/sbin/auditctl -R /etc/audit/audit-stop.rules
  • LockPersonality
    Introduced in systemd 235
    =yes
  • MemoryDenyWriteExecute
    Introduced in systemd 231
    =yes
  • PIDFile=/run/auditd.pid
  • ProtectClock
    Introduced in systemd 245
    =yes
  • ProtectControlGroups
    Introduced in systemd 232
    =yes
  • ProtectHome
    Introduced in systemd 214
    =yes
  • ProtectHostname
    Introduced in systemd 242
    =yes
  • ProtectKernelLogs
    Introduced in systemd 244
    =yes
  • ProtectKernelModules
    Introduced in systemd 232
    =yes
  • ProtectKernelTunables
    Introduced in systemd 232
    =yes
  • ProtectSystem
    Introduced in systemd 214
    =full
  • Restart=on-failure
  • RestartPreventExitStatus=2 4 6
  • RestrictRealtime
    Introduced in systemd 231
    =yes
  • Type=forking
• [Unit]
  • After=local-fs.target systemd-tmpfiles-setup.service
  • Before=sysinit.target shutdown.target
  • ConditionKernelCommandLine=!audit=0
  • ConditionKernelCommandLine=!audit=0 !audit=off
  • Conflicts=shutdown.target
  • DefaultDependencies=no
  • Description=Security Auditing Service
  • Documentation=man:auditd(8) https://github.com/linux-audit/audit-documentation
  • PropagatesStopTo=augenrules.service
  • RefuseManualStop=yes
  • Requires=augenrules.service

Additionnal notes

Nothing here.