Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / openbmc / b95905d1c8bee73bd53457a1895e33c119eb9680 / . / meta-openembedded / meta-oe / recipes-security / audit / audit / auditd
blob: 6aa7f9475126940e948a9cd88ca2f8a0d93120a1 [file] [log] [blame]
#! /bin/sh
### BEGIN INIT INFO
# Provides: auditd
# Required-Start: $local_fs
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Audit Daemon
# Description: Collects audit information from Linux 2.6 Kernels.
### END INIT INFO
# Author: Philipp Matthias Hahn <pmhahn@debian.org>
# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
# June, 2012: Adopted for yocto <amy.fong@windriver.com>
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/bin:/usr/sbin:/usr/bin
DESC="audit daemon"
NAME=auditd
DAEMON=/sbin/auditd
PIDFILE=/var/run/"$NAME".pid
SCRIPTNAME=/etc/init.d/"$NAME"
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
. /etc/default/rcS
. /etc/init.d/functions
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
|| return 1
start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
$EXTRAOPTIONS \
|| return 2
if [ -f /etc/audit/audit.rules ]
then
/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
fi
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME"
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f "$PIDFILE"
rm -f /var/run/audit_events
# Remove watches so shutdown works cleanly
case "$AUDITD_CLEAN_STOP" in
no|NO) ;;
*) /sbin/auditctl -D >/dev/null ;;
esac
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME
return 0
}
if [ ! -e /var/log/audit ]; then
mkdir -p /var/log/audit
[ -x /sbin/restorecon ] && /sbin/restorecon -F $(readlink -f /var/log/audit)
fi
case "$1" in
start)
[ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && echo 0 ;;
2) [ "$VERBOSE" != no ] && echo 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && echo 0 ;;
2) [ "$VERBOSE" != no ] && echo 1 ;;
esac
;;
reload|force-reload)
echo "Reloading $DESC" "$NAME"
do_reload
echo $?
;;
restart)
echo "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) echo 0 ;;
1) echo 1 ;; # Old process is still running
*) echo 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
echo 1
;;
esac
;;
rotate)
echo "Rotating $DESC logs" "$NAME"
start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
echo $?
;;
status)
pidofproc "$DAEMON" >/dev/null
status=$?
if [ $status -eq 0 ]; then
echo "$NAME is running."
else
echo "$NAME is not running."
fi
exit $status
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2
exit 3
;;
esac
: