X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=roles%2Faudit%2Ftemplates%2F50-file-changes.rules.j2;h=c81c6a500262df0a3232a76b4ad84f5e898b0f3f;hb=bb5a48dd936f398e07335212583c5859abf0fafc;hp=af0ca75d10ca1cea96707a1a856f9eabe8f15c21;hpb=74a49ba6ef2ea715fa492db0bcd85c30398688e8;p=ta%2Finfra-ansible.git

diff --git a/roles/audit/templates/50-file-changes.rules.j2 b/roles/audit/templates/50-file-changes.rules.j2
index af0ca75..c81c6a5 100644
--- a/roles/audit/templates/50-file-changes.rules.j2
+++ b/roles/audit/templates/50-file-changes.rules.j2
@@ -1,21 +1,27 @@
 ## file changes
+-w /usr/local/bin/hostcli -p aw -k hostcli
+-w /usr/bin/openstack -p aw -k openstackcli
 -w /boot/ -p rwxa -k dir_boot
 -w /opt/ -p aw -k dir_opt
 -w /etc/ -p rwa -k dir_etc
--w /usr/bin -p aw -k usr-bin
--w /usr/sbin -p aw -k usr-sbin
+-w /usr/bin -p rwxa -k usr-bin
+-w /usr/sbin -p rwxa -k usr-sbin
 -w /usr/libexec -p aw -k usr-libexex
--w /usr/local -p rwxa -k usr-local
+-w /usr/local -p awx -k usr-local
 -w /mnt/symptomreport/ -p awr -k symptomreport
 -w /usr/lib -p aw -k usr-lib
 -w /usr/lib64 -p aw -k usr-lib64
 -w /var/log/audit/ -k audit-logs
 -w /var/log/sudo.log -p wa -k actions
+{% if ansible_architecture not in ['aarch64'] %}
 -a always,exit -F arch=b64 -S epoll_wait_old -F key=64bit_epoll_wait_old
+{% endif %}
 -a always,exit -F arch=b32 -S inotify_add_watch -F key=32bit_inotify_add_watch
 -a always,exit -F arch=b64 -S inotify_add_watch -F key=64bit_inotify_add_watch
+{% if ansible_architecture not in ['aarch64'] %}
 -a always,exit -F arch=b32 -S inotify_init -F key=32bit_inotify_init
 -a always,exit -F arch=b64 -S inotify_init -F key=64bit_inotify_init
+{% endif %}
 -a always,exit -F arch=b32 -S inotify_init1 -F key=32bit_inotify_init1
 -a always,exit -F arch=b64 -S inotify_init1 -F key=64bit_inotify_init1
 -a always,exit -F arch=b32 -S inotify_rm_watch -F key=32bit_inotify_rm_watch