18.04 LTS
sudo apt install -y auditd audispd-plugins
Reading package lists... Done
Building dependency tree
Reading state information... Done
auditd is already the newest version (1:2.8.2-1ubuntu1).
0 upgraded, 0 newly installed, 0 to remove and 15 not upgraded.
2 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up auditd (1:2.8.2-1ubuntu1) ...
Job for auditd.service failed because the control process exited with error code.
See "systemctl status auditd.service" and "journalctl -xe" for details.
invoke-rc.d: initscript auditd, action "start" failed.
● auditd.service - Security Auditing Service
Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2019-03-15 13:03:19 EET; 12ms ago
Docs: man:auditd(8)
https://github.com/linux-audit/audit-documentation
Process: 7171 ExecStart=/sbin/auditd (code=exited, status=1/FAILURE)
Mar 15 13:03:19 muziejus systemd[1]: Starting Security Auditing Service...
Mar 15 13:03:19 muziejus systemd[1]: auditd.service: Control process exited, code=exited status=1
Mar 15 13:03:19 muziejus systemd[1]: auditd.service: Failed with result 'exit-code'.
Mar 15 13:03:19 muziejus systemd[1]: Failed to start Security Auditing Service.
dpkg: error processing package auditd (--configure):
installed auditd package post-installation script subprocess returned error exit status 1
dpkg: dependency problems prevent configuration of audispd-plugins:
audispd-plugins depends on auditd; however:
Package auditd is not configured yet.
dpkg: error processing package audispd-plugins (--configure):
dependency problems - leaving unconfigured
No apport report written because the error message indicates its a followup error from a previous failure.
Errors were encountered while processing:
auditd
audispd-plugins
E: Sub-process /usr/bin/dpkg returned an error code (1)
-- Unit auditd.service has begun starting up.
Mar 15 13:04:49 muziejus auditd[8128]: **Cannot change priority (Operation not permitted)**
Mar 15 13:04:49 muziejus systemd[1]: auditd.service: Control process exited, code=exited status=1
Mar 15 13:04:49 muziejus auditd[8128]: The audit daemon is exiting.
Mar 15 13:04:49 muziejus systemd[1]: auditd.service: Failed with result 'exit-code'.
Mar 15 13:04:49 muziejus systemd[1]: Failed to start Security Auditing Service.
Any ideas?
Maybe this is https://bugzilla.redhat.com/show_bug.cgi?id=893751