CasperSecurity
| Current Path : /etc/init.d/ |
|
|
| Current File : //etc/init.d/auditd |
#! /bin/sh
### BEGIN INIT INFO
# Provides: auditd
# Required-Start: $remote_fs
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Audit Daemon
# Description: Collects audit information from Linux 2.6 Kernels.
### END INIT INFO
# Author: Philipp Matthias Hahn <pmhahn@debian.org>
# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="audit daemon"
NAME=auditd
DAEMON=/sbin/auditd
PIDFILE=/var/run/"$NAME".pid
SCRIPTNAME=/etc/init.d/"$NAME"
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
# Define LSB log_* functions.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
$EXTRAOPTIONS \
|| return 2
# Call augenrules to compile audit rules.
case "$USE_AUGENRULES" in
no|NO) ;;
*) [ -d /etc/audit/rules.d ] && /sbin/augenrules >/dev/null ;;
esac
if [ -f /etc/audit/audit.rules ]
then
/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
fi
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile "$PIDFILE" --name "$NAME"
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec "$DAEMON"
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f "$PIDFILE"
rm -f /var/run/audit_events
# Remove watches so shutdown works cleanly
case "$AUDITD_CLEAN_STOP" in
no|NO) ;;
*) /sbin/auditctl -R /etc/audit/audit-stop.rules >/dev/null ;;
esac
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
start-stop-daemon --stop --signal HUP --quiet --pidfile $PIDFILE --name $NAME
return 0
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
reload|force-reload)
log_daemon_msg "Reloading $DESC" "$NAME"
do_reload
log_end_msg $?
;;
restart)
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
rotate)
log_daemon_msg "Rotating $DESC logs" "$NAME"
start-stop-daemon --stop --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
log_end_msg $?
;;
status)
pidofproc -p "$PIDFILE" "$DAEMON" >/dev/null
status=$?
if [ $status -eq 0 ]; then
log_success_msg "$NAME is running."
else
log_failure_msg "$NAME is not running."
fi
exit $status
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2
exit 3
;;
esac
: