Handle immutability of config

[james-stocks]

This cookbook (at least if you set the cis rules) will include -e 2 config, making the auditd config immutable.

This means that if the cookbook is run repeatedly in Chef runs; the notified restart of the auditd service will have no effect on the current config.
When auditd is configured to be immutable; a restart of the host is needed.

This cookbook should possibly do something to address this.
Maybe a warning/failure if this happens. Maybe control over the immutability through attributes.
I think we can notify the host to reboot if needed; but this should definitely be attribute controlled and disabled by default!

[jblaine]

Agreed. We had to duplicate the service 'auditd' resource and add an ignore_failure to it in a wrapper cookbook as a workaround.