3 # auditd This starts and stops auditd
5 # chkconfig: 2345 18 82
6 # description: This starts the Linux Auditing System Daemon
9 # config: /etc/sysconfig/auditd
10 # config: /etc/auditd.conf
11 # pidfile: /var/run/auditd.pid
13 PATH=/sbin:/bin:/usr/bin:/usr/sbin
15 # Source function library
16 . /etc/rc.d/init.d/functions
20 AUDIT_RULES=/etc/audit/audit.rules
22 # Get service config - may override defaults
23 [ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd
26 if [ -f /var/lock/subsys/auditd ]; then
27 msg_already_running auditd
33 unset HOME MAIL USER USERNAME
34 daemon /sbin/auditd "$EXTRAOPTIONS"
36 # Load the default rules if daemon started
37 if [ $RETVAL -eq 0 ] && [ -f $AUDIT_RULES ]; then
38 /sbin/auditctl -R $AUDIT_RULES >/dev/null
40 # add error code, if it was an error
41 [ $rc -ne 0 ] && RETVAL=$rc
43 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd
47 if [ ! -f /var/lock/subsys/auditd ]; then
48 msg_not_running auditd
54 rm -f /var/lock/subsys/auditd
55 # Remove watches so shutdown works cleanly
56 if ! is_no "$AUDITD_CLEAN_STOP"; then
57 /sbin/auditctl -D >/dev/null
62 if [ ! -f /var/lock/subsys/auditd ]; then
63 msg_not_running auditd
73 if [ ! -f /var/lock/subsys/auditd ]; then
74 msg_not_running auditd
107 msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"