security: enable audit logging of program launch

2024-08-30 14:20:29 +02:00 · 2024-08-30 14:20:29 +02:00 · d33b8f05ee
commit d33b8f05ee
parent 173678734c
2 changed files with 11 additions and 0 deletions
--- a/audit.nix
+++ b/audit.nix
@ -0,0 +1,7 @@
+{
+  security.auditd.enable = true;
+  security.audit.enable = true;
+  security.audit.rules = [
+    "-a exit,always -F arch=b64 -S execve"
+  ];
+}