add auditd docker rules

2022-09-22 15:45:18 +02:00 · 2022-09-22 15:45:18 +02:00 · 20071340f0
parent 12e501ad19
commit 20071340f0
1 changed files with 13 additions and 0 deletions
--- a/auditd/etc/audit/rules.d/docker.rules
+++ b/auditd/etc/audit/rules.d/docker.rules
@ -0,0 +1,13 @@
+-w /etc/docker -k docker
+-w /etc/default/docker -k docker
+-w /etc/docker/daemon.json -k docker
+-w /etc/containerd/config.toml -k docker
+-w /lib/systemd/system/docker.service -k docker
+-w /lib/systemd/system/docker.socket -k docker
+-w /run/containerd -k docker
+-w /usr/bin/containerd -k docker
+-w /usr/bin/containerd-shim -k docker
+-w /usr/bin/containerd-shim-runc-v1 -k docker
+-w /usr/bin/containerd-shim-runc-v2 -k docker
+-w /usr/bin/runc -k docker
+-w /var/lib/docker -k docker