Skip to main content

AUDIT.YML

 ---
- name: Update auditd.conf and restart auditd service
  hosts: all
  become: yes
  tasks:

    - name: Ensure the line 'disk_full_action = halt' exists in auditd.conf
      lineinfile:
        path: /etc/audit/auditd.conf
        regexp: '^disk_full_action'
        line: 'disk_full_action = halt'
        state: present
      register: disk_full_action_changed

    - name: Ensure the line 'disk_error_action = halt' exists in auditd.conf
      lineinfile:
        path: /etc/audit/auditd.conf
        regexp: '^disk_error_action'
        line: 'disk_error_action = halt'
        state: present
      register: disk_error_action_changed

    - name: Restart the auditd service
      service:
        name: auditd
        state: restarted
      when: disk_full_action_changed.changed or disk_error_action_changed.changed

Comments

Post a Comment

Popular posts from this blog

Command for finding process using too much CPU

Command for finding process using too much CPU   Try doing this : top - b - n1 - c   And if you want the process that takes the most %CPU times : top - b - n1 - c | awk '/PID *USER/{print;getline;print}' or top - b - n1 - c | grep - A 2 '^$'       Or using a few other utils you could do: ps aux | sort - rk 3 , 3 | head - n 5   Change the value of head to get the number of processes you want to see.
Post a Comment
Read more

User account Lock/Unlock / Disable and enable

User account Lock/Unlock / Disable and enable Ex - Username - testing Lock command =---------- passwd -l testing or usermod -L testing unlock command ================= passwd -u testing or usermod -U testing Disable and Enable ==================== The following will lock an account Code: passwd -l testing You could also change the users shell to /bin/false if you don't want them to log in Code: usermod -s /bin/false testing Enable the account usermod -s /bin/bash tesing
Post a Comment
Read more

Veritas cluster Interview Questions-2

Please go through questions and answers. Let me know if you have any doubt by leaving comment. Adding and removing cluster node  Q-1 How to add a node in an existing cluster? Ans:    Adding a node into an existing cluster is a multi steps process. 1:       Set up the hardware Before adding a node to an existing cluster, node must be physically connected with the cluster.       1: Connect the VCS private Ethernet controllers       2: Connect the node to the shared storage 2:       Install the VCS software in the node           Install the VCS software and install the license. 3:       Configure LLT and GAB Create the LLT & GAB configuration files (/etc/llthosts, /etc/llttab and /etc/gabtab) in the new node and update the files on the existing node. 4:       Add the node to an existing cluster We have to perform below given tasks in any of the exi...
Post a Comment
Read more