projects / packages / audit.git / blame
| Commit | Line | Data |
|---|---|---|
| 11fba1fa JB |
1 | #!/bin/sh |
| 2 | # | |
| 3 | # auditd This starts and stops auditd | |
| 4 | # | |
| 5 | # chkconfig: 2345 18 87 | |
| 6 | # description: This starts the Linux Auditing System Daemon | |
| 7 | # | |
| eb091ca6 | 8 | # processname: auditd |
| 11fba1fa JB |
9 | # config: /etc/sysconfig/auditd |
| 10 | # config: /etc/auditd.conf | |
| 11 | # pidfile: /var/run/auditd.pid | |
| 12 | ||
| 13 | PATH=/sbin:/bin:/usr/bin:/usr/sbin | |
| 14 | ||
| 15 | # Source function library | |
| 16 | . /etc/rc.d/init.d/functions | |
| 17 | ||
| 18 | AUDITD_CLEAN_STOP=yes | |
| 19 | EXTRAOPTIONS= | |
| c66cc7b2 | 20 | AUDIT_RULES=/etc/audit/audit.rules |
| 11fba1fa JB |
21 | |
| 22 | # Get service config - may override defaults | |
| 23 | [ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd | |
| 24 | ||
| 4c844ee0 | 25 | start() { |
| e15c234e | 26 | if [ -f /var/lock/subsys/auditd ]; then |
| 11fba1fa | 27 | msg_already_running auditd |
| e15c234e | 28 | return |
| 11fba1fa | 29 | fi |
| e15c234e ER |
30 | |
| 31 | msg_starting auditd | |
| 32 | unset HOME MAIL USER USERNAME | |
| 33 | daemon /sbin/auditd "$EXTRAOPTIONS" | |
| 34 | RETVAL=$? | |
| 35 | [ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd | |
| 36 | # Load the default rules | |
| 37 | [ -f $AUDIT_RULES ] && /sbin/auditctl -R $AUDIT_RULES >/dev/null | |
| 4c844ee0 JB |
38 | } |
| 39 | ||
| 40 | stop() { | |
| e15c234e | 41 | if [ ! -f /var/lock/subsys/auditd ]; then |
| 11fba1fa | 42 | msg_not_running auditd |
| e15c234e ER |
43 | return |
| 44 | fi | |
| 45 | ||
| 46 | msg_stopping auditd | |
| 47 | killproc auditd | |
| 48 | rm -f /var/lock/subsys/auditd | |
| 49 | # Remove watches so shutdown works cleanly | |
| 50 | if ! is_no "$AUDITD_CLEAN_STOP"; then | |
| 51 | /sbin/auditctl -D >/dev/null | |
| 11fba1fa | 52 | fi |
| 4c844ee0 JB |
53 | } |
| 54 | ||
| 55 | condrestart() { | |
| e15c234e | 56 | if [ ! -f /var/lock/subsys/auditd ]; then |
| 4c844ee0 JB |
57 | msg_not_running auditd |
| 58 | RETVAL=$1 | |
| e15c234e | 59 | return |
| 4c844ee0 | 60 | fi |
| e15c234e ER |
61 | |
| 62 | stop | |
| 63 | start | |
| 64 | } | |
| 65 | ||
| 66 | reload() { | |
| 67 | if [ ! -f /var/lock/subsys/auditd ]; then | |
| 68 | msg_not_running auditd | |
| 69 | RETVAL=7 | |
| 70 | return | |
| 71 | fi | |
| 72 | ||
| 73 | msg_reloading auditd | |
| 74 | killproc auditd -HUP | |
| 75 | RETVAL=$? | |
| 4c844ee0 JB |
76 | } |
| 77 | ||
| 78 | RETVAL=0 | |
| 79 | case "$1" in | |
| 80 | start) | |
| 81 | start | |
| 82 | ;; | |
| 83 | stop) | |
| 84 | stop | |
| 11fba1fa JB |
85 | ;; |
| 86 | restart) | |
| 4c844ee0 JB |
87 | stop |
| 88 | start | |
| 89 | ;; | |
| 90 | try-restart) | |
| 91 | condrestart 0 | |
| 11fba1fa JB |
92 | ;; |
| 93 | reload|force-reload) | |
| e15c234e | 94 | reload |
| 11fba1fa JB |
95 | ;; |
| 96 | status) | |
| 97 | status auditd | |
| 98 | RETVAL=$? | |
| 99 | ;; | |
| 100 | *) | |
| 4c844ee0 | 101 | msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}" |
| 11fba1fa JB |
102 | RETVAL=3 |
| 103 | esac | |
| 104 | ||
| 105 | exit $RETVAL |