Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -42,13 +42,13 @@ cat << EOF >| /etc/audit/rules.d/00-base-config.rules
|
||||
|
||||
## Increase the buffers to survive stress events.
|
||||
## Make this bigger for busy systems.
|
||||
-b 16384
|
||||
-b 262144
|
||||
|
||||
## Rate Limit. Cap kernel->userspace message rate (0 = unlimited).
|
||||
-r 200
|
||||
|
||||
## This determine how long to wait in burst of events. How long to wait in bursts (us).
|
||||
--backlog_wait_time 1024
|
||||
--backlog_wait_time 16384
|
||||
|
||||
## Set failure mode to syslog.
|
||||
-f 1
|
||||
|
||||
@@ -24,6 +24,7 @@ include_toc: true
|
||||
* **Changed**: [9999_cdi_starter.sh](../scripts/usr/local/sbin/9999_cdi_starter.sh) Fixed: ``sysctl -p /etc/sysctl.d/90-ciss-local.hardened``
|
||||
* **Changed**: [0042_ciss_post_decrypt_attest](../config/includes.chroot/usr/lib/live/boot/0042_ciss_post_decrypt_attest) Fixed: Signature checksum verification.
|
||||
* **Changed**: [0024-ciss-crypt-squash](../config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash) Added: ``ensure_minimal_dev_nodes()``
|
||||
* **Changed**: [9996_auditd.chroot](../config/hooks/live/9996_auditd.chroot) Unified with Kernel command line options: ``-b 262144``
|
||||
|
||||
## V9.14.016.2026.06.06
|
||||
* **Changed**: [zzzz_ciss_uki_build.hook.binary](../config/hooks/live/zzzz_ciss_uki_build.hook.binary)
|
||||
|
||||
Reference in New Issue
Block a user