]>
Commit | Line | Data |
---|---|---|
11fba1fa JB |
1 | #!/bin/sh |
2 | # | |
3 | # auditd This starts and stops auditd | |
4 | # | |
5 | # chkconfig: 2345 18 87 | |
6 | # description: This starts the Linux Auditing System Daemon | |
7 | # | |
eb091ca6 | 8 | # processname: auditd |
11fba1fa JB |
9 | # config: /etc/sysconfig/auditd |
10 | # config: /etc/auditd.conf | |
11 | # pidfile: /var/run/auditd.pid | |
12 | ||
13 | PATH=/sbin:/bin:/usr/bin:/usr/sbin | |
14 | ||
15 | # Source function library | |
16 | . /etc/rc.d/init.d/functions | |
17 | ||
18 | AUDITD_CLEAN_STOP=yes | |
19 | EXTRAOPTIONS= | |
c66cc7b2 | 20 | AUDIT_RULES=/etc/audit/audit.rules |
11fba1fa JB |
21 | |
22 | # Get service config - may override defaults | |
23 | [ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd | |
24 | ||
4c844ee0 | 25 | start() { |
e15c234e | 26 | if [ -f /var/lock/subsys/auditd ]; then |
11fba1fa | 27 | msg_already_running auditd |
e15c234e | 28 | return |
11fba1fa | 29 | fi |
e15c234e ER |
30 | |
31 | msg_starting auditd | |
32 | unset HOME MAIL USER USERNAME | |
33 | daemon /sbin/auditd "$EXTRAOPTIONS" | |
34 | RETVAL=$? | |
35 | [ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd | |
36 | # Load the default rules | |
37 | [ -f $AUDIT_RULES ] && /sbin/auditctl -R $AUDIT_RULES >/dev/null | |
4c844ee0 JB |
38 | } |
39 | ||
40 | stop() { | |
e15c234e | 41 | if [ ! -f /var/lock/subsys/auditd ]; then |
11fba1fa | 42 | msg_not_running auditd |
e15c234e ER |
43 | return |
44 | fi | |
45 | ||
46 | msg_stopping auditd | |
47 | killproc auditd | |
48 | rm -f /var/lock/subsys/auditd | |
49 | # Remove watches so shutdown works cleanly | |
50 | if ! is_no "$AUDITD_CLEAN_STOP"; then | |
51 | /sbin/auditctl -D >/dev/null | |
11fba1fa | 52 | fi |
4c844ee0 JB |
53 | } |
54 | ||
55 | condrestart() { | |
e15c234e | 56 | if [ ! -f /var/lock/subsys/auditd ]; then |
4c844ee0 JB |
57 | msg_not_running auditd |
58 | RETVAL=$1 | |
e15c234e | 59 | return |
4c844ee0 | 60 | fi |
e15c234e ER |
61 | |
62 | stop | |
63 | start | |
64 | } | |
65 | ||
66 | reload() { | |
67 | if [ ! -f /var/lock/subsys/auditd ]; then | |
68 | msg_not_running auditd | |
69 | RETVAL=7 | |
70 | return | |
71 | fi | |
72 | ||
73 | msg_reloading auditd | |
74 | killproc auditd -HUP | |
75 | RETVAL=$? | |
4c844ee0 JB |
76 | } |
77 | ||
78 | RETVAL=0 | |
79 | case "$1" in | |
80 | start) | |
81 | start | |
82 | ;; | |
83 | stop) | |
84 | stop | |
11fba1fa JB |
85 | ;; |
86 | restart) | |
4c844ee0 JB |
87 | stop |
88 | start | |
89 | ;; | |
90 | try-restart) | |
91 | condrestart 0 | |
11fba1fa JB |
92 | ;; |
93 | reload|force-reload) | |
e15c234e | 94 | reload |
11fba1fa JB |
95 | ;; |
96 | status) | |
97 | status auditd | |
98 | RETVAL=$? | |
99 | ;; | |
100 | *) | |
4c844ee0 | 101 | msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}" |
11fba1fa JB |
102 | RETVAL=3 |
103 | esac | |
104 | ||
105 | exit $RETVAL |