From: Laurent Bigonville
Subject: Compiling rules at boot when using systemd
Date: Thu, 23 May 2013 01:06:48 +0200
Message-ID: <20130523010648.4a6f4f32@fornost.bigon.be>
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

Hello,

I was wondering, the currently proposed solution to compile the rules when using systemd (copying the .services into /etc by hand) seems pretty hackish to me.

Wouldn't it be better if there was a 2nd systemd .service file dedicated to calling augenrules, disabled by default and depending on the main auditd.service file? This way the user could enable that new service instead of copying files by hand.

This sounds better distribution-wise, and in case changes are made to the .service file, the user will not be stuck with an old version in /etc.

Any idea on this?

Cheers

Laurent Bigonville
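
The arrangement proposed in this message, sketched as an added example that is not part of the original e-mail or of the audit package: a second, disabled-by-default unit that runs augenrules once auditd is up. The unit name, the install location, the `/sbin/augenrules` path and the choice of `Requires=`/`After=` are assumptions.

```ini
# augenrules.service (hypothetical unit name)
# Assumed to be shipped by the package under the vendor unit directory
# (e.g. /usr/lib/systemd/system), not copied into /etc, so that package
# updates to the unit reach every host that has enabled it.

[Unit]
Description=Compile /etc/audit/rules.d into audit.rules and load them
# "Depending on the main auditd.service": pull auditd in and order after it,
# so the rules are only compiled and loaded once the daemon is running.
Requires=auditd.service
After=auditd.service

[Service]
# One-shot job: run augenrules once, then stay "active" so the unit state
# shows whether rule compilation succeeded at boot.
Type=oneshot
RemainAfterExit=yes
# --load merges the rules.d fragments and loads the result into the kernel.
# Path is an assumption; adjust to where the distribution installs it.
ExecStart=/sbin/augenrules --load

[Install]
# No effect until the administrator runs "systemctl enable", which keeps
# the unit disabled by default as the message suggests.
WantedBy=multi-user.target
```

With a unit like this, an administrator opts in with `systemctl enable augenrules.service`, and a failed rule compilation shows up as a failed unit in `systemctl status` rather than passing unnoticed.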