[packages/audit.git] / auditd.init

#!/bin/sh
#
# auditd	This starts and stops auditd
#
# chkconfig: 2345 18 82
# description: This starts the Linux Auditing System Daemon
#
# processname: auditd
# config: /etc/sysconfig/auditd
# config: /etc/auditd.conf
# pidfile: /var/run/auditd.pid

PATH=/sbin:/bin:/usr/bin:/usr/sbin

# Source function library
. /etc/rc.d/init.d/functions

AUDITD_CLEAN_STOP="yes"
AUDITD_STOP_DISABLE="yes"
EXTRAOPTIONS=
AUDIT_RULES=/etc/audit/audit.rules

# Get service config - may override defaults
[ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd

start() {
	if [ -f /var/lock/subsys/auditd ]; then
		msg_already_running auditd
		return
	fi

	local rc
	msg_starting auditd
	# Localization for auditd is controlled in /etc/synconfig/auditd
	if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "C" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
		unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
	else
		LANG="$AUDITD_LANG"
		LC_TIME="$AUDITD_LANG"
		LC_ALL="$AUDITD_LANG"
		LC_MESSAGES="$AUDITD_LANG"
		LC_NUMERIC="$AUDITD_LANG"
		LC_MONETARY="$AUDITD_LANG"
		LC_COLLATE="$AUDITD_LANG"
		export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
	fi
	unset HOME MAIL USER USERNAME
	daemon /sbin/auditd "$EXTRAOPTIONS"
	RETVAL=$?
	# Load the default rules if daemon started
	if [ $RETVAL -eq 0 ] && [ -f $AUDIT_RULES ]; then
		# Prepare the default rules
		if is_yes "$USE_AUGENRULES"; then
			/sbin/augenrules
		fi
		# Load the default rules
		/sbin/auditctl -R $AUDIT_RULES >/dev/null
		rc=$?
		# add error code, if it was an error
		[ $rc -ne 0 ] && RETVAL=$rc
	fi
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd
}

stop() {
	if [ ! -f /var/lock/subsys/auditd ]; then
		msg_not_running auditd
		return
	fi

	msg_stopping auditd
	killproc auditd
	rm -f /var/lock/subsys/auditd
	# Remove watches so shutdown works cleanly
	if ! is_no "$AUDITD_CLEAN_STOP"; then
		/sbin/auditctl -D >/dev/null
	fi
	if ! is_no "$AUDITD_STOP_DISABLE"; then
		/sbin/auditctl -e 0 >/dev/null
	fi
}

condrestart() {
	if [ ! -f /var/lock/subsys/auditd ]; then
		msg_not_running auditd
		RETVAL=$1
		return
	fi

	stop
	start
}

reload() {
	if [ ! -f /var/lock/subsys/auditd ]; then
		msg_not_running auditd
		RETVAL=7
		return
	fi

	msg_reloading auditd
	killproc auditd -HUP
	RETVAL=$?
}

RETVAL=0
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  restart)
	stop
	start
	;;
  try-restart)
	condrestart 0
	;;
  reload|force-reload)
	reload
	;;
  status)
	status auditd
	RETVAL=$?
	;;
  *)
	msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"
	RETVAL=3
esac

exit $RETVAL
Commit	Line	Data
11fba1fa JB	1	#!/bin/sh
11fba1fa JB	2	#
43c48577	3	# auditd This starts and stops auditd
11fba1fa	4	#
8f8af021	5	# chkconfig: 2345 18 82
11fba1fa JB	6	# description: This starts the Linux Auditing System Daemon
11fba1fa JB	7	#
eb091ca6	8	# processname: auditd
11fba1fa JB	9	# config: /etc/sysconfig/auditd
	10	# config: /etc/auditd.conf
	11	# pidfile: /var/run/auditd.pid
	12
43c48577 ER	13	PATH=/sbin:/bin:/usr/bin:/usr/sbin
43c48577 ER	14
11fba1fa JB	15	# Source function library
	16	. /etc/rc.d/init.d/functions
	17
738da8d6 JR	18	AUDITD_CLEAN_STOP="yes"
738da8d6 JR	19	AUDITD_STOP_DISABLE="yes"
11fba1fa	20	EXTRAOPTIONS=
c66cc7b2	21	AUDIT_RULES=/etc/audit/audit.rules
11fba1fa JB	22
	23	# Get service config - may override defaults
	24	[ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd
	25
4c844ee0	26	start() {
e15c234e	27	if [ -f /var/lock/subsys/auditd ]; then
11fba1fa	28	msg_already_running auditd
e15c234e	29	return
11fba1fa	30	fi
e15c234e	31
43c48577	32	local rc
e15c234e	33	msg_starting auditd
738da8d6 JR	34	# Localization for auditd is controlled in /etc/synconfig/auditd
	35	if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "C" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
	36	unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
	37	else
	38	LANG="$AUDITD_LANG"
	39	LC_TIME="$AUDITD_LANG"
	40	LC_ALL="$AUDITD_LANG"
	41	LC_MESSAGES="$AUDITD_LANG"
	42	LC_NUMERIC="$AUDITD_LANG"
	43	LC_MONETARY="$AUDITD_LANG"
	44	LC_COLLATE="$AUDITD_LANG"
	45	export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
	46	fi
e15c234e ER	47	unset HOME MAIL USER USERNAME
	48	daemon /sbin/auditd "$EXTRAOPTIONS"
	49	RETVAL=$?
43c48577 ER	50	# Load the default rules if daemon started
43c48577 ER	51	if [ $RETVAL -eq 0 ] && [ -f $AUDIT_RULES ]; then
738da8d6 JR	52	# Prepare the default rules
	53	if is_yes "$USE_AUGENRULES"; then
	54	/sbin/augenrules
	55	fi
	56	# Load the default rules
43c48577 ER	57	/sbin/auditctl -R $AUDIT_RULES >/dev/null
	58	rc=$?
	59	# add error code, if it was an error
	60	[ $rc -ne 0 ] && RETVAL=$rc
	61	fi
e15c234e	62	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd
4c844ee0 JB	63	}
	64
	65	stop() {
e15c234e	66	if [ ! -f /var/lock/subsys/auditd ]; then
11fba1fa	67	msg_not_running auditd
e15c234e ER	68	return
	69	fi
	70
	71	msg_stopping auditd
	72	killproc auditd
	73	rm -f /var/lock/subsys/auditd
	74	# Remove watches so shutdown works cleanly
	75	if ! is_no "$AUDITD_CLEAN_STOP"; then
	76	/sbin/auditctl -D >/dev/null
11fba1fa	77	fi
738da8d6 JR	78	if ! is_no "$AUDITD_STOP_DISABLE"; then
	79	/sbin/auditctl -e 0 >/dev/null
	80	fi
4c844ee0 JB	81	}
	82
	83	condrestart() {
e15c234e	84	if [ ! -f /var/lock/subsys/auditd ]; then
4c844ee0 JB	85	msg_not_running auditd
4c844ee0 JB	86	RETVAL=$1
e15c234e	87	return
4c844ee0	88	fi
e15c234e ER	89
	90	stop
	91	start
	92	}
	93
	94	reload() {
	95	if [ ! -f /var/lock/subsys/auditd ]; then
	96	msg_not_running auditd
	97	RETVAL=7
	98	return
	99	fi
	100
	101	msg_reloading auditd
	102	killproc auditd -HUP
	103	RETVAL=$?
4c844ee0 JB	104	}
	105
	106	RETVAL=0
	107	case "$1" in
	108	start)
	109	start
	110	;;
	111	stop)
	112	stop
11fba1fa JB	113	;;
11fba1fa JB	114	restart)
4c844ee0 JB	115	stop
	116	start
	117	;;
	118	try-restart)
	119	condrestart 0
11fba1fa JB	120	;;
11fba1fa JB	121	reload\|force-reload)
e15c234e	122	reload
11fba1fa JB	123	;;
	124	status)
	125	status auditd
	126	RETVAL=$?
	127	;;
	128	*)
4c844ee0	129	msg_usage "$0 {start\|stop\|restart\|try-restart\|reload\|force-reload\|status}"
11fba1fa JB	130	RETVAL=3
	131	esac
	132
	133	exit $RETVAL