1 files changed, 153 insertions, 0 deletions
diff --git a/recipes-security/audit/audit/auditd b/recipes-security/audit/audit/auditd
new file mode 100755
index 0000000..fcd96c9
--- /dev/null
+++ b/recipes-security/audit/audit/auditd
@@ -0,0 +1,153 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          auditd
+# Required-Start:    $local_fs
+# Required-Stop:     $local_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Audit Daemon
+# Description:       Collects audit information from Linux 2.6 Kernels.
+### END INIT INFO
+# Author: Philipp Matthias Hahn <pmhahn@debian.org>
+# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
+# June, 2012: Adopted for yocto <amy.fong@windriver.com>
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DESC="audit daemon"
+NAME=auditd
+DAEMON=/sbin/auditd
+PIDFILE=/var/run/"$NAME".pid
+SCRIPTNAME=/etc/init.d/"$NAME"
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+# Read configuration variable file if it is present
+[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
+. /etc/default/rcS
+. /etc/init.d/functions                                                
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+        # Return
+        #   0 if daemon has been started
+        #   1 if daemon was already running
+        #   2 if daemon could not be started
+        start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
+                || return 1
+        start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
+                $EXTRAOPTIONS \
+                || return 2
+        if [ -f /etc/audit/audit.rules ]
+        then
+                /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
+        fi
+}
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+        # Return
+        #   0 if daemon has been stopped
+        #   1 if daemon was already stopped
+        #   2 if daemon could not be stopped
+        #   other if a failure occurred
+        start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME"
+        RETVAL="$?"
+        [ "$RETVAL" = 2 ] && return 2
+        # Many daemons don't delete their pidfiles when they exit.
+        rm -f "$PIDFILE"
+        rm -f /var/run/audit_events
+        # Remove watches so shutdown works cleanly
+        case "$AUDITD_CLEAN_STOP" in
+                no|NO) ;;
+                *) /sbin/auditctl -D >/dev/null ;;
+        esac
+        return "$RETVAL"
+}
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+        start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME
+        return 0
+}
+if [ ! -e /var/log/audit ]; then
+        mkdir -p /var/log/audit
+        [ -x /sbin/restorecon ] && /sbin/restorecon -F /var/log/audit
+fi
+case "$1" in
+  start)
+        [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME"
+        do_start
+        case "$?" in
+                0|1) [ "$VERBOSE" != no ] && echo 0 ;;
+                2) [ "$VERBOSE" != no ] && echo 1 ;;
+        esac
+        ;;
+  stop)
+        [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME"
+        do_stop
+        case "$?" in
+                0|1) [ "$VERBOSE" != no ] && echo 0 ;;
+                2) [ "$VERBOSE" != no ] && echo 1 ;;
+        esac
+        ;;
+  reload|force-reload)
+        echo "Reloading $DESC" "$NAME"
+        do_reload
+        echo $?
+        ;;
+  restart)
+        echo "Restarting $DESC" "$NAME"
+        do_stop
+        case "$?" in
+          0|1)
+                do_start
+                case "$?" in
+                        0) echo 0 ;;
+                        1) echo 1 ;; # Old process is still running
+                        *) echo 1 ;; # Failed to start
+                esac
+                ;;
+          *)
+                # Failed to stop
+                echo 1
+                ;;
+        esac
+        ;;
+  rotate)
+        echo "Rotating $DESC logs" "$NAME"
+        start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
+        echo $?
+        ;;
+  status)
+        pidofproc "$DAEMON" >/dev/null
+        status=$?
+        if [ $status -eq 0 ]; then
+                echo "$NAME is running."
+        else
+                echo "$NAME is not running."
+        fi
+        exit $status
+        ;;
+  *)
+        echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2
+        exit 3
+        ;;
+esac
+:

diff --git a/recipes-security/audit/audit/auditd b/recipes-security/audit/audit/auditd new file mode 100755 index 0000000..fcd96c9 --- /dev/null +++ b/recipes-security/audit/audit/auditd
@@ -0,0 +1,153 @@
	1	#! /bin/sh
	2	### BEGIN INIT INFO
	3	# Provides: auditd
	4	# Required-Start: $local_fs
	5	# Required-Stop: $local_fs
	6	# Default-Start: 2 3 4 5
	7	# Default-Stop: 0 1 6
	8	# Short-Description: Audit Daemon
	9	# Description: Collects audit information from Linux 2.6 Kernels.
	10	### END INIT INFO
	11
	12	# Author: Philipp Matthias Hahn <pmhahn@debian.org>
	13	# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
	14
	15	# June, 2012: Adopted for yocto <amy.fong@windriver.com>
	16
	17	# PATH should only include /usr/* if it runs after the mountnfs.sh script
	18	PATH=/sbin:/bin:/usr/sbin:/usr/bin
	19	DESC="audit daemon"
	20	NAME=auditd
	21	DAEMON=/sbin/auditd
	22	PIDFILE=/var/run/"$NAME".pid
	23	SCRIPTNAME=/etc/init.d/"$NAME"
	24
	25	# Exit if the package is not installed
	26	[ -x "$DAEMON" ] \|\| exit 0
	27
	28	# Read configuration variable file if it is present
	29	[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
	30
	31	. /etc/default/rcS
	32
	33	. /etc/init.d/functions
	34
	35	#
	36	# Function that starts the daemon/service
	37	#
	38	do_start()
	39	{
	40	# Return
	41	# 0 if daemon has been started
	42	# 1 if daemon was already running
	43	# 2 if daemon could not be started
	44	start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
	45	\|\| return 1
	46	start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
	47	$EXTRAOPTIONS \
	48	\|\| return 2
	49	if [ -f /etc/audit/audit.rules ]
	50	then
	51	/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
	52	fi
	53	}
	54
	55	#
	56	# Function that stops the daemon/service
	57	#
	58	do_stop()
	59	{
	60	# Return
	61	# 0 if daemon has been stopped
	62	# 1 if daemon was already stopped
	63	# 2 if daemon could not be stopped
	64	# other if a failure occurred
	65	start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME"
	66	RETVAL="$?"
	67	[ "$RETVAL" = 2 ] && return 2
	68	# Many daemons don't delete their pidfiles when they exit.
	69	rm -f "$PIDFILE"
	70	rm -f /var/run/audit_events
	71	# Remove watches so shutdown works cleanly
	72	case "$AUDITD_CLEAN_STOP" in
	73	no\|NO) ;;
	74	*) /sbin/auditctl -D >/dev/null ;;
	75	esac
	76	return "$RETVAL"
	77	}
	78
	79	#
	80	# Function that sends a SIGHUP to the daemon/service
	81	#
	82	do_reload() {
	83	start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME
	84	return 0
	85	}
	86
	87	if [ ! -e /var/log/audit ]; then
	88	mkdir -p /var/log/audit
	89	[ -x /sbin/restorecon ] && /sbin/restorecon -F /var/log/audit
	90	fi
	91
	92	case "$1" in
	93	start)
	94	[ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME"
	95	do_start
	96	case "$?" in
	97	0\|1) [ "$VERBOSE" != no ] && echo 0 ;;
	98	2) [ "$VERBOSE" != no ] && echo 1 ;;
	99	esac
	100	;;
	101	stop)
	102	[ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME"
	103	do_stop
	104	case "$?" in
	105	0\|1) [ "$VERBOSE" != no ] && echo 0 ;;
	106	2) [ "$VERBOSE" != no ] && echo 1 ;;
	107	esac
	108	;;
	109	reload\|force-reload)
	110	echo "Reloading $DESC" "$NAME"
	111	do_reload
	112	echo $?
	113	;;
	114	restart)
	115	echo "Restarting $DESC" "$NAME"
	116	do_stop
	117	case "$?" in
	118	0\|1)
	119	do_start
	120	case "$?" in
	121	0) echo 0 ;;
	122	1) echo 1 ;; # Old process is still running
	123	*) echo 1 ;; # Failed to start
	124	esac
	125	;;
	126	*)
	127	# Failed to stop
	128	echo 1
	129	;;
	130	esac
	131	;;
	132	rotate)
	133	echo "Rotating $DESC logs" "$NAME"
	134	start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
	135	echo $?
	136	;;
	137	status)
	138	pidofproc "$DAEMON" >/dev/null
	139	status=$?
	140	if [ $status -eq 0 ]; then
	141	echo "$NAME is running."
	142	else
	143	echo "$NAME is not running."
	144	fi
	145	exit $status
	146	;;
	147	*)
	148	echo "Usage: $SCRIPTNAME {start\|stop\|restart\|reload\|force-reload\|rotate\|status}" >&2
	149	exit 3
	150	;;
	151	esac
	152
	153	: