Enable audit on server systems only

2024-01-20 15:46:15 +00:00
parent 6eb50d3a8f
commit a091fb2a69
2 changed files with 11 additions and 10 deletions
--- a/hosts/server.nix
+++ b/hosts/server.nix
@@ -7,6 +7,16 @@

  documentation.enable = false;

+  security = {
+    auditd.enable = true;
+    audit = {
+      enable = true;
+      rules = [
+        "-a exit,always -F arch=b64 -S execve"
+      ];
+    };
+  };
+
  modules.networking.tailscale = {
    enable = true;
    restrictSSH = false;