1 files changed, 175 insertions, 0 deletions

diff --git a/framework/src/audit/init.d/auditd.init b/framework/src/audit/init.d/auditd.init
new file mode 100755
index 00000000..ccf8afb1
--- /dev/null
+++ b/framework/src/audit/init.d/auditd.init
@@ -0,0 +1,175 @@
+#!/bin/bash
+#
+# auditd        This starts and stops auditd
+#
+# chkconfig: 2345 11 88
+# description: This starts the Linux Auditing System Daemon, \
+#              which collects security related events in a dedicated \
+#              audit log. If this daemon is turned off, audit events \
+#              will be sent to syslog.
+#
+# processname: /sbin/auditd
+# config: /etc/sysconfig/auditd
+# config: /etc/audit/auditd.conf
+# pidfile: /var/run/auditd.pid
+#
+# Return values according to LSB for all commands but status:
+# 0 - success
+# 1 - generic or unspecified error
+# 2 - invalid or excess argument(s)
+# 3 - unimplemented feature (e.g. "reload")
+# 4 - insufficient privilege
+# 5 - program is not installed
+# 6 - program is not configured
+# 7 - program is not running
+#
+
+
+PATH=/sbin:/bin:/usr/bin:/usr/sbin
+prog="auditd"
+
+# Source function library.
+. /etc/init.d/functions
+
+# Allow anyone to run status
+if [ "$1" = "status" ] ; then
+	status $prog
+	RETVAL=$?
+	exit $RETVAL
+fi
+
+# Check that we are root ... so non-root users stop here
+test $EUID = 0  ||  exit 4
+
+# Check config
+test -f /etc/sysconfig/auditd && . /etc/sysconfig/auditd
+
+RETVAL=0
+
+start(){
+	test -x /sbin/auditd  || exit 5
+	test -f /etc/audit/auditd.conf  || exit 6
+
+	echo -n $"Starting $prog: "
+
+# Localization for auditd is controlled in /etc/synconfig/auditd
+	if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
+		unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
+	else
+		LANG="$AUDITD_LANG"
+		LC_TIME="$AUDITD_LANG"
+		LC_ALL="$AUDITD_LANG"
+		LC_MESSAGES="$AUDITD_LANG"
+		LC_NUMERIC="$AUDITD_LANG"
+		LC_MONETARY="$AUDITD_LANG"
+		LC_COLLATE="$AUDITD_LANG"
+		export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
+	fi
+	unset HOME MAIL USER USERNAME
+	daemon $prog "$EXTRAOPTIONS"
+	RETVAL=$?
+	echo
+	if test $RETVAL = 0 ; then
+		touch /var/lock/subsys/auditd
+		# Prepare the default rules
+		if test x"$USE_AUGENRULES" != "x" ; then
+			if test "`echo $USE_AUGENRULES | tr 'NO' 'no'`" != "no"
+			then
+				test -d /etc/audit/rules.d && /sbin/augenrules
+			fi
+		fi
+		# Load the default rules
+		test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
+	fi
+	return $RETVAL
+}
+
+stop(){
+	echo -n $"Stopping $prog: "
+	killproc $prog
+	RETVAL=$?
+	echo
+	rm -f /var/lock/subsys/auditd
+	# Remove watches so shutdown works cleanly
+	if test x"$AUDITD_CLEAN_STOP" != "x" ; then
+		if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no"
+		then
+			/sbin/auditctl -D >/dev/null
+		fi
+	fi
+	if test x"$AUDITD_STOP_DISABLE" != "x" ; then
+		if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no"
+		then
+			/sbin/auditctl -e 0 >/dev/null
+		fi
+	fi
+	return $RETVAL
+}
+
+reload(){
+	test -f /etc/audit/auditd.conf  || exit 6
+	echo -n $"Reloading configuration: "	
+	killproc $prog -HUP
+	RETVAL=$?
+	echo
+	return $RETVAL
+}
+
+rotate(){
+	echo -n $"Rotating logs: "	
+	killproc $prog -USR1
+	RETVAL=$?
+	echo
+	return $RETVAL
+}
+
+resume(){
+	echo -n $"Resuming logging: "	
+	killproc $prog -USR2
+	RETVAL=$?
+	echo
+	return $RETVAL
+}
+
+restart(){
+	test -f /etc/audit/auditd.conf  || exit 6
+	stop
+	start
+}
+
+condrestart(){
+	[ -e /var/lock/subsys/auditd ] && restart
+	return 0
+}
+
+
+# See how we were called.
+case "$1" in
+    start)
+	start
+	;;
+    stop)
+	stop
+	;;
+    restart)
+	restart
+	;;
+    reload|force-reload)
+	reload
+	;;
+    rotate)
+	rotate
+	;;
+    resume)
+	resume
+	;;
+    condrestart|try-restart)
+	condrestart
+	;;
+    *)
+	echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|rotate|resume}"
+	RETVAL=3
+esac
+
+exit $RETVAL
+