audit module: only enable service if kernel has audit (#19569)

author: Alexander Ried <ried@mytum.de> 2016-10-15 16:03:41 +0200
committer: Franz Pletz <fpletz@fnordicwalking.de> 2016-10-15 16:03:41 +0200
commit: d91365d71407ada863fa0f6d1b2406800b42df43 (patch)
tree: ce940439f4b7903d2921ae9c77f83ed3bde34fc4
parent: 267c7a299c85ddc2d9a8cc542498bd72c8aad00d (diff)
download: nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar
nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.gz
nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.bz2
nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.lz
nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.xz
nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.zst
nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/nixos/modules/security/audit.nix b/nixos/modules/security/audit.nix
index ebfe594d0c71..7ac21fd96507 100644
--- a/nixos/modules/security/audit.nix
+++ b/nixos/modules/security/audit.nix
@@ -104,7 +104,11 @@ in {
       description = "Kernel Auditing";
       wantedBy = [ "basic.target" ];
 
-      unitConfig.ConditionVirtualization = "!container";
+      unitConfig = {
+        ConditionVirtualization = "!container";
+        ConditionSecurity = [ "audit" ];
+      };
+
 
       path = [ pkgs.audit ];
author	Alexander Ried <ried@mytum.de>	2016-10-15 16:03:41 +0200
committer	Franz Pletz <fpletz@fnordicwalking.de>	2016-10-15 16:03:41 +0200
commit	d91365d71407ada863fa0f6d1b2406800b42df43 (patch)
tree	ce940439f4b7903d2921ae9c77f83ed3bde34fc4
parent	267c7a299c85ddc2d9a8cc542498bd72c8aad00d (diff)
download	nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.gz nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.bz2 nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.lz nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.xz nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.tar.zst nixlib-d91365d71407ada863fa0f6d1b2406800b42df43.zip