From e26c9112f95b2b3503dd8650bb9f49c11940d5a6 Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Thu, 9 Jun 2016 15:14:42 -0500 Subject: [PATCH] Restart auditd after running augenrules The augenrules command joins together all of the audit rules from rules.d and it is run any time the audit rules template changes. However, the augenrules handler didn't actually restart auditd to apply the changes to the system. This patch fires off the auditd restart handler anytime the augenrules handler is notified. Closes-bug: 1590916 Change-Id: Ice83fe17ebb0e9edff9da897e435ae96c1778580 (cherry picked from commit 809b6cb52db069fc2cfc4e22f11fef417a893195) --- handlers/main.yml | 1 + releasenotes/notes/augenrules-restart-39fe3e1e2de3eaba.yaml | 5 +++++ 2 files changed, 6 insertions(+) create mode 100644 releasenotes/notes/augenrules-restart-39fe3e1e2de3eaba.yaml diff --git a/handlers/main.yml b/handlers/main.yml index ed5c88f5..9ab6cac7 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -57,6 +57,7 @@ # Miscellaneous ############################################################## - name: generate auditd rules command: augenrules --load + notify: restart auditd # This will take a while to complete the first run, so we will fork it into # the background so it doesn't hold up the whole playbook. diff --git a/releasenotes/notes/augenrules-restart-39fe3e1e2de3eaba.yaml b/releasenotes/notes/augenrules-restart-39fe3e1e2de3eaba.yaml new file mode 100644 index 00000000..45311efd --- /dev/null +++ b/releasenotes/notes/augenrules-restart-39fe3e1e2de3eaba.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - The role previously did not restart the audit daemon after generating a + new rules file. The `bug `_ has been + fixed and the audit daemon will be restarted after any audit rule changes.
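Review bot: in handlers/main.yml, the handler being changed runs "command: augenrules --load", and the --load option already loads the merged rules into the kernel, so the commit message should say what the added "notify: restart auditd" provides beyond that load. The "restart auditd" handler itself is outside the visible context. Since this is one handler notifying another, please confirm that it is defined later in handlers/main.yml than "generate auditd rules", so that it runs in the same handler flush. A daemon restart also briefly interrupts audit logging, which is worth a sentence in the release note.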
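Review bot: in releasenotes/notes/augenrules-restart-39fe3e1e2de3eaba.yaml, the link on the third added line has no target as shown here (it reads "The `bug `_ has been"), so please check that the reStructuredText link carries the URL for the bug named in "Closes-bug: 1590916" and renders correctly. The note could also say that the restart is triggered through the "generate auditd rules" handler, so operators know a rules template change now restarts the daemon.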