Append to /etc/audit/audit.rules fails to work with cat >>

[Steve Button]

Hi,

I'm trying this :-

{

            "type": "file",

            "source": "./files/audit.rules",

            "destination": "/tmp/audit.rules"

        },

        {

            "type": "shell",

            "inline": [

                "cat /tmp/audit.rules >> /etc/audit/audit.rules"

            ],

            "execute_command": "{{ .Vars }} sudo -E -S sh '{{ .Path }}'"

        },

But when I later try to cat audit.rules (in my Jenkins groovy script, which does a terraform build using the AWS AMI created by packer).

none of the extra rules are appended to the file.

Can anyone see a reason why this would fail? 

Is there a decent way to produce debug output to see what's happening?

Here's some of the packer output, with the last couple of shell scripts being the one above and then one which just starts docker.

1501747857,,ui,say,==> amazon-ebs: Uploading ./files/audit.rules => /tmp/audit.rules
1501747857,,ui,say,==> amazon-ebs: Provisioning with shell script: /tmp/packer-shell491961015
1501747857,,ui,say,==> amazon-ebs: Provisioning with shell script: /tmp/packer-shell846133939
1501747859,,ui,say,==> amazon-ebs: Stopping the source instance...
1501747860,,ui,say,==> amazon-ebs: Waiting for the instance to stop...

[Alvaro Miranda Aguilera]

try

cat /tmp/audit.rules | sudo tee -a /etc/audit/audit.rules

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/mitchellh/packer/issues
IRC: #packer-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Packer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/0e2f654c-cffd-4f21-ac53-ce7d32113dc7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro

[Steve Button]

yeah, tried that and I'm getting exactly the same behavior. It's as if the changes aren't getting baked into the AMI. 

... and then after a little more investigation I read the man page for audit.rules, and I'm creating the file in the wrong place. That file gets overwritten by what's in /etc/audit/rules.d/

Thanks for suggestion, it got me thinking. Problem solved.

To unsubscribe from this group and stop receiving emails from it, send an email to packer-tool...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/packer-tool/0e2f654c-cffd-4f21-ac53-ce7d32113dc7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Alvaro