Add storage override for journald
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
a9fbe7d2f5
commit
8a6a1d81c1
SSH Key Fingerprint:
SHA256:/xtE5lCgiRDQr8SLxHMS92ZBlACmATUmF1crK16Ks4E
2
Makefile
2
Makefile
@ -3,6 +3,7 @@ default:
|
||||
apply-playbook:
|
||||
ansible-playbook \
|
||||
--diff \
|
||||
--extra-vars "pacman_action=test" \
|
||||
--inventory base/usr/share/luzifer/base-setup/inventory \
|
||||
base/usr/share/luzifer/base-setup/playbook.yaml
|
||||
|
||||
@ -10,5 +11,6 @@ test-playbook:
|
||||
ansible-playbook \
|
||||
--check \
|
||||
--diff \
|
||||
--extra-vars "pacman_action=test" \
|
||||
--inventory base/usr/share/luzifer/base-setup/inventory \
|
||||
base/usr/share/luzifer/base-setup/playbook.yaml
|
||||
|
||||
2
PKGBUILD
2
PKGBUILD
@ -7,7 +7,7 @@ pkgname=(
|
||||
luzifer-gui
|
||||
luzifer-lenovo-gui
|
||||
)
|
||||
pkgver=0.13.0
|
||||
pkgver=0.13.1
|
||||
pkgrel=1
|
||||
pkgdesc='System configuration for @luzifer systems'
|
||||
arch=(any)
|
||||
|
||||
@ -18,3 +18,7 @@ net.ipv6.conf.default.accept_redirects = 0
|
||||
# CNSPEC: Ensure secure ICMP redirects are not accepted
|
||||
net.ipv4.conf.all.secure_redirects = 0
|
||||
net.ipv4.conf.default.secure_redirects = 0
|
||||
|
||||
# CNSPEC: Ensure packet redirect sending is disabled
|
||||
net.ipv4.conf.all.send_redirects = 0
|
||||
net.ipv4.conf.default.send_redirects = 0
|
||||
|
||||
@ -57,4 +57,19 @@
|
||||
mode: '0640'
|
||||
owner: root
|
||||
|
||||
- name: Create journald override dir
|
||||
file:
|
||||
dest: /etc/systemd/journald.conf.d
|
||||
state: directory
|
||||
|
||||
- name: Configure journald to store persistent logs
|
||||
copy:
|
||||
content: |
|
||||
[Journal]
|
||||
# CSPEC: Ensure journald is configured to write logfiles to persistent disk
|
||||
Storage=persistent
|
||||
dest: /etc/systemd/journald.conf.d/10-luzifer-base-store-persistent.conf
|
||||
mode: '0644'
|
||||
owner: root
|
||||
|
||||
...
|
||||
|
||||
Loading…
Reference in New Issue
Block a user