security: enable audit logging of program launch

2024-08-30 14:20:29 +02:00 · 2024-08-30 14:20:29 +02:00 · d33b8f05ee
commit d33b8f05ee
parent 173678734c
2 changed files with 11 additions and 0 deletions
--- a/audit.nix
+++ b/audit.nix
@ -0,0 +1,7 @@
+{
+  security.auditd.enable = true;
+  security.audit.enable = true;
+  security.audit.rules = [
+    "-a exit,always -F arch=b64 -S execve"
+  ];
+}
--- a/configuration.nix
+++ b/configuration.nix
@ -5,10 +5,14 @@ in
 { lib, ... }: {
  imports = [
    ./hardware-configuration.nix
+    ./audit.nix
+
    ./openssh.nix
    ./tailscale.nix
+
    ./firewall.nix
    ./fail2ban.nix
+
    ./borgbackup.nix

    ./ftp.nix