From d91365d71407ada863fa0f6d1b2406800b42df43 Mon Sep 17 00:00:00 2001
From: Alexander Ried <ried@mytum.de>
Date: Sat, 15 Oct 2016 16:03:41 +0200
Subject: audit module: only enable service if kernel has audit (#19569)

---
 nixos/modules/security/audit.nix | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/security/audit.nix b/nixos/modules/security/audit.nix
index ebfe594d0c71..7ac21fd96507 100644
--- a/nixos/modules/security/audit.nix
+++ b/nixos/modules/security/audit.nix
@@ -104,7 +104,11 @@ in {
       description = "Kernel Auditing";
       wantedBy = [ "basic.target" ];
 
-      unitConfig.ConditionVirtualization = "!container";
+      unitConfig = {
+        ConditionVirtualization = "!container";
+        ConditionSecurity = [ "audit" ];
+      };
+
 
       path = [ pkgs.audit ];
 
-- 
cgit 1.4.1