diff options
| author |   Ashlee Young <ashlee@wildernessvoice.com> | 2015-11-29 08:22:13 -0800 |
|---|---|---|
| committer | Ashlee Young <ashlee@wildernessvoice.com> | 2015-11-29 08:22:13 -0800 |
| commit | df5afa4fcd9725380f94ca6476248d4cc24f889a (patch) | |
| tree | 65456f62397305febf7f40778c5a413a35d094ef /framework/src/audit/init.d/auditd.init | |
| parent | 76f6bf922552c00546e6e85ca471eab28f56986c (diff) | |
v2.4.4 audit sources
Change-Id: I9315a7408817db51edf084fb4d27fbb492785084
Signed-off-by: Ashlee Young <ashlee@wildernessvoice.com>
Diffstat (limited to 'framework/src/audit/init.d/auditd.init')
| -rwxr-xr-x | framework/src/audit/init.d/auditd.init | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/framework/src/audit/init.d/auditd.init b/framework/src/audit/init.d/auditd.init new file mode 100755 index 00000000..ccf8afb1 --- /dev/null +++ b/framework/src/audit/init.d/auditd.init @@ -0,0 +1,175 @@ +#!/bin/bash +# +# auditd This starts and stops auditd +# +# chkconfig: 2345 11 88 +# description: This starts the Linux Auditing System Daemon, \ +# which collects security related events in a dedicated \ +# audit log. If this daemon is turned off, audit events \ +# will be sent to syslog. +# +# processname: /sbin/auditd +# config: /etc/sysconfig/auditd +# config: /etc/audit/auditd.conf +# pidfile: /var/run/auditd.pid +# +# Return values according to LSB for all commands but status: +# 0 - success +# 1 - generic or unspecified error +# 2 - invalid or excess argument(s) +# 3 - unimplemented feature (e.g. "reload") +# 4 - insufficient privilege +# 5 - program is not installed +# 6 - program is not configured +# 7 - program is not running +# + + +PATH=/sbin:/bin:/usr/bin:/usr/sbin +prog="auditd" + +# Source function library. +. /etc/init.d/functions + +# Allow anyone to run status +if [ "$1" = "status" ] ; then + status $prog + RETVAL=$? + exit $RETVAL +fi + +# Check that we are root ... so non-root users stop here +test $EUID = 0 || exit 4 + +# Check config +test -f /etc/sysconfig/auditd && . /etc/sysconfig/auditd + +RETVAL=0 + +start(){ + test -x /sbin/auditd || exit 5 + test -f /etc/audit/auditd.conf || exit 6 + + echo -n $"Starting $prog: " + +# Localization for auditd is controlled in /etc/synconfig/auditd + if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then + unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE + else + LANG="$AUDITD_LANG" + LC_TIME="$AUDITD_LANG" + LC_ALL="$AUDITD_LANG" + LC_MESSAGES="$AUDITD_LANG" + LC_NUMERIC="$AUDITD_LANG" + LC_MONETARY="$AUDITD_LANG" + LC_COLLATE="$AUDITD_LANG" + export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE + fi + unset HOME MAIL USER USERNAME + daemon $prog "$EXTRAOPTIONS" + RETVAL=$? + echo + if test $RETVAL = 0 ; then + touch /var/lock/subsys/auditd + # Prepare the default rules + if test x"$USE_AUGENRULES" != "x" ; then + if test "`echo $USE_AUGENRULES | tr 'NO' 'no'`" != "no" + then + test -d /etc/audit/rules.d && /sbin/augenrules + fi + fi + # Load the default rules + test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null + fi + return $RETVAL +} + +stop(){ + echo -n $"Stopping $prog: " + killproc $prog + RETVAL=$? + echo + rm -f /var/lock/subsys/auditd + # Remove watches so shutdown works cleanly + if test x"$AUDITD_CLEAN_STOP" != "x" ; then + if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" + then + /sbin/auditctl -D >/dev/null + fi + fi + if test x"$AUDITD_STOP_DISABLE" != "x" ; then + if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no" + then + /sbin/auditctl -e 0 >/dev/null + fi + fi + return $RETVAL +} + +reload(){ + test -f /etc/audit/auditd.conf || exit 6 + echo -n $"Reloading configuration: " + killproc $prog -HUP + RETVAL=$? + echo + return $RETVAL +} + +rotate(){ + echo -n $"Rotating logs: " + killproc $prog -USR1 + RETVAL=$? + echo + return $RETVAL +} + +resume(){ + echo -n $"Resuming logging: " + killproc $prog -USR2 + RETVAL=$? + echo + return $RETVAL +} + +restart(){ + test -f /etc/audit/auditd.conf || exit 6 + stop + start +} + +condrestart(){ + [ -e /var/lock/subsys/auditd ] && restart + return 0 +} + + +# See how we were called. +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + restart + ;; + reload|force-reload) + reload + ;; + rotate) + rotate + ;; + resume) + resume + ;; + condrestart|try-restart) + condrestart + ;; + *) + echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|rotate|resume}" + RETVAL=3 +esac + +exit $RETVAL + |