3 # auditd This starts and stops auditd
5 # chkconfig: 2345 18 82
6 # description: This starts the Linux Auditing System Daemon
9 # config: /etc/sysconfig/auditd
10 # config: /etc/auditd.conf
11 # pidfile: /var/run/auditd.pid
13 PATH=/sbin:/bin:/usr/bin:/usr/sbin
15 # Source function library
16 . /etc/rc.d/init.d/functions
18 AUDITD_CLEAN_STOP="yes"
19 AUDITD_STOP_DISABLE="yes"
21 AUDIT_RULES=/etc/audit/audit.rules
23 # Get service config - may override defaults
24 [ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd
27 if [ -f /var/lock/subsys/auditd ]; then
28 msg_already_running auditd
34 # Localization for auditd is controlled in /etc/synconfig/auditd
35 if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "C" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
36 unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
39 LC_TIME="$AUDITD_LANG"
41 LC_MESSAGES="$AUDITD_LANG"
42 LC_NUMERIC="$AUDITD_LANG"
43 LC_MONETARY="$AUDITD_LANG"
44 LC_COLLATE="$AUDITD_LANG"
45 export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
47 unset HOME MAIL USER USERNAME
48 daemon /sbin/auditd "$EXTRAOPTIONS"
50 # Load the default rules if daemon started
51 if [ $RETVAL -eq 0 ] && [ -f $AUDIT_RULES ]; then
52 # Prepare the default rules
53 if is_yes "$USE_AUGENRULES"; then
56 # Load the default rules
57 /sbin/auditctl -R $AUDIT_RULES >/dev/null
59 # add error code, if it was an error
60 [ $rc -ne 0 ] && RETVAL=$rc
62 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd
66 if [ ! -f /var/lock/subsys/auditd ]; then
67 msg_not_running auditd
73 rm -f /var/lock/subsys/auditd
74 # Remove watches so shutdown works cleanly
75 if ! is_no "$AUDITD_CLEAN_STOP"; then
76 /sbin/auditctl -D >/dev/null
78 if ! is_no "$AUDITD_STOP_DISABLE"; then
79 /sbin/auditctl -e 0 >/dev/null
84 if [ ! -f /var/lock/subsys/auditd ]; then
85 msg_not_running auditd
95 if [ ! -f /var/lock/subsys/auditd ]; then
96 msg_not_running auditd
129 msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"