Failed to start auditd service in crostini
290 views
Skip to first unread message
Chithra Gurudev
Sep 16, 2022, 7:08:02 AM9/16/22
to ChromiumOS Development
Hi
Every time I try to start/enable auditd service getting an same error tried to re-install auditd packages multiple times but failing with an error.
Cannot change priority
The audit daemon is exiting
Control process exited, code=exited, status=1/FAILURE
Allen Webb
Sep 16, 2022, 7:59:26 AM9/16/22
to Chithra Gurudev, ChromiumOS Development
It looks like you are using systemd. I am not sure whether or not we have a working systemd config for audit. If you want to get it to work, take a look at the upstart configuration.
--
--
Chromium OS Developers mailing list: chromiu...@chromium.org
View archives, change email options, or unsubscribe:
https://groups.google.com/a/chromium.org/group/chromium-os-dev
---
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-os-d...@chromium.org.
Mike Frysinger
Sep 16, 2022, 8:52:33 AM9/16/22
to Allen Webb, Chithra Gurudev, ChromiumOS Development
they're running inside crostini
Allen Webb
Sep 16, 2022, 9:08:51 AM9/16/22
to Mike Frysinger, Chithra Gurudev, ChromiumOS Development
Ah, so they want audit support inside of the guest container for the termina VM.
Chithra Gurudev
Sep 16, 2022, 9:27:52 AM9/16/22
to Allen Webb, Mike Frysinger, ChromiumOS Development
How can that be achieved ?
Mike Frysinger
Sep 16, 2022, 9:30:47 AM9/16/22
to Chithra Gurudev, Allen Webb, ChromiumOS Development
we've never tried. let us know when you've figured it out.
-mike
Chithra Gurudev
Sep 16, 2022, 11:21:53 AM9/16/22
to Mike Frysinger, Allen Webb, ChromiumOS Development
Sure!!!
Daniel Verkamp
Sep 16, 2022, 2:14:56 PM9/16/22
to Chithra Gurudev, Mike Frysinger, Allen Webb, ChromiumOS Development
On Fri, Sep 16, 2022 at 8:21 AM Chithra Gurudev
trying to adjust its `nice` priority beyond what is allowed in the
container.
Setting `priority_boost = 0` in /etc/auditd/auditd.conf will avoid
this particular problem:
https://man7.org/linux/man-pages/man5/auditd.conf.5.html
However, it's likely that other permissions will be missing inside the
container as well; root inside the penguin container is not equivalent
to root/CAP_SYS_ADMIN outside the container.
This discussion looks related to running auditd in a container (I
don't know if this is still the current status):
https://listman.redhat.com/archives/linux-audit/2018-July/msg00078.html
<chithra...@gmail.com> wrote:
>>>>>> On Fri, Sep 16, 2022 at 6:08 AM Chithra Gurudev <chithra...@gmail.com> wrote:
>>>>>>>
>>>>>>> Hi
>>>>>>>
>>>>>>> Every time I try to start/enable auditd service getting an same error tried to re-install auditd packages multiple times but failing with an error.
>>>>>>>
>>>>>>> Cannot change priority
>>>>>>> The audit daemon is exiting
>>>>>>> Control process exited, code=exited, status=1/FAILURE
I don't actually know anything about auditd, but this looks like it's
>>>>>> On Fri, Sep 16, 2022 at 6:08 AM Chithra Gurudev <chithra...@gmail.com> wrote:
>>>>>>>
>>>>>>> Hi
>>>>>>>
>>>>>>> Every time I try to start/enable auditd service getting an same error tried to re-install auditd packages multiple times but failing with an error.
>>>>>>>
>>>>>>> Cannot change priority
>>>>>>> The audit daemon is exiting
>>>>>>> Control process exited, code=exited, status=1/FAILURE
trying to adjust its `nice` priority beyond what is allowed in the
container.
Setting `priority_boost = 0` in /etc/auditd/auditd.conf will avoid
this particular problem:
https://man7.org/linux/man-pages/man5/auditd.conf.5.html
However, it's likely that other permissions will be missing inside the
container as well; root inside the penguin container is not equivalent
to root/CAP_SYS_ADMIN outside the container.
This discussion looks related to running auditd in a container (I
don't know if this is still the current status):
https://listman.redhat.com/archives/linux-audit/2018-July/msg00078.html
Reply all
Reply to author
Forward
0 new messages