1335d0b0df
This patch adds documentation for the audit rule changes found in: https://review.openstack.org/395783 Implements: blueprint security-rhel7-stig Change-Id: I7e30f10fa0a80824cca70c6a4d77488d28573f92
306 B
306 B
---id: RHEL-07-030523 status: implemented tag: auditd ---
The tasks add a rule to auditd that logs each time a user manages the
configuration files for sudo.
Deployers can opt-out of this change by setting an Ansible variable:
security_rhel7_audit_sudo_config_changes: no