journalwatch config

Daniel Langbein 2024-02-25 17:33:54 +01:00
parent 384ee4e324
commit c227ea6f20
Signed by: langfingaz
GPG Key ID: 6C47C753F0823002


@ -67,18 +67,6 @@
match = "_TRANSPORT = kernel";
}
#
# _EXE
#
{ # yodaNas
filters = ''
# Ignore any invocation of sudo.
.*
'';
match = "_EXE = //nix/store/[a-z0-9]+-sudo-[0-9]+\\.[0-9]+\\.[0-9]+[a-z0-9]+/bin/sudo/";
}
#
# _SYSTEMD_CGROUP
#
@ -405,9 +393,13 @@
'';
match = "SYSLOG_IDENTIFIER = sshd";
}
{ # yodaTux. If the user `yoda` runs a command with `sudo`.
{
filters = ''
# yodaTux. If the user `yoda` runs a command with `sudo`.
\s+yoda : TTY=pts/[0-9] ; PWD=/\S+ ; USER=root ; COMMAND=/.+
# yodaNas. If the btrbk service is run.
\s+btrbk : PWD=/ ; USER=root ; COMMAND=/.+
\s+root : PWD=/ ; USER=root ; COMMAND=/nix/store/[a-z0-9]+-btrfs-progs-[0-9\.]+/bin/btrfs (subvolume show|subvolume delete --commit-each|send|receive) .+
'';
match = "SYSLOG_IDENTIFIER = sudo";
}
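Review bot: The `btrbk` filter in the `SYSLOG_IDENTIFIER = sudo` block ends in `COMMAND=/.+`, so every command that account runs as root through sudo is dropped from the journalwatch report, not only backup activity. The `root` line below it is already pinned to the btrfs-progs store path and a fixed subcommand list, and the btrbk line could take the same shape, e.g. `\s+btrbk : PWD=/ ; USER=root ; COMMAND=/nix/store/[a-z0-9]+-btrfs-progs-[0-9\.]+/bin/btrfs .+`, assuming btrbk only calls btrfs via sudo (its sudoers rules are not visible here). The `yoda` line is equally broad by design, so it is worth a comment such as `# Intentionally hides all successful sudo use by yoda; failed attempts are still reported.` Separately, `TTY=pts/[0-9]` matches a single digit, so sessions on pts/10 and above will still be reported; use `[0-9]+` if that is not intended.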