#!/bin/sh
#
# auditd        This starts and stops auditd
#
# chkconfig: 2345 18 87
# description: This starts the Linux Auditing System Daemon
#
# processname: auditd
# config: /etc/sysconfig/auditd
# config: /etc/auditd.conf
# pidfile: /var/run/auditd.pid

PATH=/sbin:/bin:/usr/bin:/usr/sbin

# Source function library
. /etc/rc.d/init.d/functions

AUDITD_CLEAN_STOP=yes
EXTRAOPTIONS=
AUDIT_RULES=/etc/audit/audit.rules

# Get service config - may override defaults
[ -f /etc/sysconfig/auditd ] && . /etc/sysconfig/auditd

start() {
	if [ -f /var/lock/subsys/auditd ]; then
		msg_already_running auditd
		return
	fi

	msg_starting auditd
	unset HOME MAIL USER USERNAME
	daemon /sbin/auditd "$EXTRAOPTIONS"
	RETVAL=$?
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/auditd
	# Load the default rules
	[ -f $AUDIT_RULES ] && /sbin/auditctl -R $AUDIT_RULES >/dev/null
}

stop() {
	if [ ! -f /var/lock/subsys/auditd ]; then
		msg_not_running auditd
		return
	fi

	msg_stopping auditd
	killproc auditd
	rm -f /var/lock/subsys/auditd
	# Remove watches so shutdown works cleanly
	if ! is_no "$AUDITD_CLEAN_STOP"; then
		/sbin/auditctl -D >/dev/null
	fi
}

condrestart() {
	if [ ! -f /var/lock/subsys/auditd ]; then
		msg_not_running auditd
		RETVAL=$1
		return
	fi

	stop
	start
}

reload() {
	if [ ! -f /var/lock/subsys/auditd ]; then
		msg_not_running auditd
		RETVAL=7
		return
	fi

	msg_reloading auditd
	killproc auditd -HUP
	RETVAL=$?
}

RETVAL=0
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  restart)
	stop
	start
	;;
  try-restart)
	condrestart 0
	;;
  reload|force-reload)
	reload
	;;
  status)
	status auditd
	RETVAL=$?
	;;
  *)
	msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|status}"
	RETVAL=3
esac

exit $RETVAL