diff options
Diffstat (limited to 'recipes-security/audit/audit/auditd')
-rwxr-xr-x | recipes-security/audit/audit/auditd | 153 |
1 files changed, 153 insertions, 0 deletions
diff --git a/recipes-security/audit/audit/auditd b/recipes-security/audit/audit/auditd new file mode 100755 index 0000000..fcd96c9 --- /dev/null +++ b/recipes-security/audit/audit/auditd | |||
@@ -0,0 +1,153 @@ | |||
1 | #! /bin/sh | ||
2 | ### BEGIN INIT INFO | ||
3 | # Provides: auditd | ||
4 | # Required-Start: $local_fs | ||
5 | # Required-Stop: $local_fs | ||
6 | # Default-Start: 2 3 4 5 | ||
7 | # Default-Stop: 0 1 6 | ||
8 | # Short-Description: Audit Daemon | ||
9 | # Description: Collects audit information from Linux 2.6 Kernels. | ||
10 | ### END INIT INFO | ||
11 | |||
12 | # Author: Philipp Matthias Hahn <pmhahn@debian.org> | ||
13 | # Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init | ||
14 | |||
15 | # June, 2012: Adopted for yocto <amy.fong@windriver.com> | ||
16 | |||
17 | # PATH should only include /usr/* if it runs after the mountnfs.sh script | ||
18 | PATH=/sbin:/bin:/usr/sbin:/usr/bin | ||
19 | DESC="audit daemon" | ||
20 | NAME=auditd | ||
21 | DAEMON=/sbin/auditd | ||
22 | PIDFILE=/var/run/"$NAME".pid | ||
23 | SCRIPTNAME=/etc/init.d/"$NAME" | ||
24 | |||
25 | # Exit if the package is not installed | ||
26 | [ -x "$DAEMON" ] || exit 0 | ||
27 | |||
28 | # Read configuration variable file if it is present | ||
29 | [ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME" | ||
30 | |||
31 | . /etc/default/rcS | ||
32 | |||
33 | . /etc/init.d/functions | ||
34 | |||
35 | # | ||
36 | # Function that starts the daemon/service | ||
37 | # | ||
38 | do_start() | ||
39 | { | ||
40 | # Return | ||
41 | # 0 if daemon has been started | ||
42 | # 1 if daemon was already running | ||
43 | # 2 if daemon could not be started | ||
44 | start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \ | ||
45 | || return 1 | ||
46 | start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \ | ||
47 | $EXTRAOPTIONS \ | ||
48 | || return 2 | ||
49 | if [ -f /etc/audit/audit.rules ] | ||
50 | then | ||
51 | /sbin/auditctl -R /etc/audit/audit.rules >/dev/null | ||
52 | fi | ||
53 | } | ||
54 | |||
55 | # | ||
56 | # Function that stops the daemon/service | ||
57 | # | ||
58 | do_stop() | ||
59 | { | ||
60 | # Return | ||
61 | # 0 if daemon has been stopped | ||
62 | # 1 if daemon was already stopped | ||
63 | # 2 if daemon could not be stopped | ||
64 | # other if a failure occurred | ||
65 | start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME" | ||
66 | RETVAL="$?" | ||
67 | [ "$RETVAL" = 2 ] && return 2 | ||
68 | # Many daemons don't delete their pidfiles when they exit. | ||
69 | rm -f "$PIDFILE" | ||
70 | rm -f /var/run/audit_events | ||
71 | # Remove watches so shutdown works cleanly | ||
72 | case "$AUDITD_CLEAN_STOP" in | ||
73 | no|NO) ;; | ||
74 | *) /sbin/auditctl -D >/dev/null ;; | ||
75 | esac | ||
76 | return "$RETVAL" | ||
77 | } | ||
78 | |||
79 | # | ||
80 | # Function that sends a SIGHUP to the daemon/service | ||
81 | # | ||
82 | do_reload() { | ||
83 | start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME | ||
84 | return 0 | ||
85 | } | ||
86 | |||
87 | if [ ! -e /var/log/audit ]; then | ||
88 | mkdir -p /var/log/audit | ||
89 | [ -x /sbin/restorecon ] && /sbin/restorecon -F /var/log/audit | ||
90 | fi | ||
91 | |||
92 | case "$1" in | ||
93 | start) | ||
94 | [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" | ||
95 | do_start | ||
96 | case "$?" in | ||
97 | 0|1) [ "$VERBOSE" != no ] && echo 0 ;; | ||
98 | 2) [ "$VERBOSE" != no ] && echo 1 ;; | ||
99 | esac | ||
100 | ;; | ||
101 | stop) | ||
102 | [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" | ||
103 | do_stop | ||
104 | case "$?" in | ||
105 | 0|1) [ "$VERBOSE" != no ] && echo 0 ;; | ||
106 | 2) [ "$VERBOSE" != no ] && echo 1 ;; | ||
107 | esac | ||
108 | ;; | ||
109 | reload|force-reload) | ||
110 | echo "Reloading $DESC" "$NAME" | ||
111 | do_reload | ||
112 | echo $? | ||
113 | ;; | ||
114 | restart) | ||
115 | echo "Restarting $DESC" "$NAME" | ||
116 | do_stop | ||
117 | case "$?" in | ||
118 | 0|1) | ||
119 | do_start | ||
120 | case "$?" in | ||
121 | 0) echo 0 ;; | ||
122 | 1) echo 1 ;; # Old process is still running | ||
123 | *) echo 1 ;; # Failed to start | ||
124 | esac | ||
125 | ;; | ||
126 | *) | ||
127 | # Failed to stop | ||
128 | echo 1 | ||
129 | ;; | ||
130 | esac | ||
131 | ;; | ||
132 | rotate) | ||
133 | echo "Rotating $DESC logs" "$NAME" | ||
134 | start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME" | ||
135 | echo $? | ||
136 | ;; | ||
137 | status) | ||
138 | pidofproc "$DAEMON" >/dev/null | ||
139 | status=$? | ||
140 | if [ $status -eq 0 ]; then | ||
141 | echo "$NAME is running." | ||
142 | else | ||
143 | echo "$NAME is not running." | ||
144 | fi | ||
145 | exit $status | ||
146 | ;; | ||
147 | *) | ||
148 | echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2 | ||
149 | exit 3 | ||
150 | ;; | ||
151 | esac | ||
152 | |||
153 | : | ||