| #! /bin/sh |
| ### BEGIN INIT INFO |
| # Provides: auditd |
| # Required-Start: $local_fs |
| # Required-Stop: $local_fs |
| # Default-Start: 2 3 4 5 |
| # Default-Stop: 0 1 6 |
| # Short-Description: Audit Daemon |
| # Description: Collects audit information from Linux 2.6 Kernels. |
| ### END INIT INFO |
| |
| # Author: Philipp Matthias Hahn <pmhahn@debian.org> |
| # Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init |
| |
| # June, 2012: Adopted for yocto <amy.fong@windriver.com> |
| |
| # PATH should only include /usr/* if it runs after the mountnfs.sh script |
| PATH=/sbin:/bin:/usr/sbin:/usr/bin |
| DESC="audit daemon" |
| NAME=auditd |
| DAEMON=/sbin/auditd |
| PIDFILE=/var/run/"$NAME".pid |
| SCRIPTNAME=/etc/init.d/"$NAME" |
| |
| # Exit if the package is not installed |
| [ -x "$DAEMON" ] || exit 0 |
| |
| # Read configuration variable file if it is present |
| [ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME" |
| |
| . /etc/default/rcS |
| |
| . /etc/init.d/functions |
| |
| # |
| # Function that starts the daemon/service |
| # |
| do_start() |
| { |
| # Return |
| # 0 if daemon has been started |
| # 1 if daemon was already running |
| # 2 if daemon could not be started |
| start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \ |
| || return 1 |
| start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \ |
| $EXTRAOPTIONS \ |
| || return 2 |
| if [ -f /etc/audit/audit.rules ] |
| then |
| /sbin/auditctl -R /etc/audit/audit.rules >/dev/null |
| fi |
| } |
| |
| # |
| # Function that stops the daemon/service |
| # |
| do_stop() |
| { |
| # Return |
| # 0 if daemon has been stopped |
| # 1 if daemon was already stopped |
| # 2 if daemon could not be stopped |
| # other if a failure occurred |
| start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME" |
| RETVAL="$?" |
| [ "$RETVAL" = 2 ] && return 2 |
| # Many daemons don't delete their pidfiles when they exit. |
| rm -f "$PIDFILE" |
| rm -f /var/run/audit_events |
| # Remove watches so shutdown works cleanly |
| case "$AUDITD_CLEAN_STOP" in |
| no|NO) ;; |
| *) /sbin/auditctl -D >/dev/null ;; |
| esac |
| return "$RETVAL" |
| } |
| |
| # |
| # Function that sends a SIGHUP to the daemon/service |
| # |
| do_reload() { |
| start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME |
| return 0 |
| } |
| |
| if [ ! -e /var/log/audit ]; then |
| mkdir -p /var/log/audit |
| [ -x /sbin/restorecon ] && /sbin/restorecon -F $(readlink -f /var/log/audit) |
| fi |
| |
| case "$1" in |
| start) |
| [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" |
| do_start |
| case "$?" in |
| 0|1) [ "$VERBOSE" != no ] && echo 0 ;; |
| 2) [ "$VERBOSE" != no ] && echo 1 ;; |
| esac |
| ;; |
| stop) |
| [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" |
| do_stop |
| case "$?" in |
| 0|1) [ "$VERBOSE" != no ] && echo 0 ;; |
| 2) [ "$VERBOSE" != no ] && echo 1 ;; |
| esac |
| ;; |
| reload|force-reload) |
| echo "Reloading $DESC" "$NAME" |
| do_reload |
| echo $? |
| ;; |
| restart) |
| echo "Restarting $DESC" "$NAME" |
| do_stop |
| case "$?" in |
| 0|1) |
| do_start |
| case "$?" in |
| 0) echo 0 ;; |
| 1) echo 1 ;; # Old process is still running |
| *) echo 1 ;; # Failed to start |
| esac |
| ;; |
| *) |
| # Failed to stop |
| echo 1 |
| ;; |
| esac |
| ;; |
| rotate) |
| echo "Rotating $DESC logs" "$NAME" |
| start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME" |
| echo $? |
| ;; |
| status) |
| pidofproc "$DAEMON" >/dev/null |
| status=$? |
| if [ $status -eq 0 ]; then |
| echo "$NAME is running." |
| else |
| echo "$NAME is not running." |
| fi |
| exit $status |
| ;; |
| *) |
| echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2 |
| exit 3 |
| ;; |
| esac |
| |
| : |