1#! /bin/sh 2### BEGIN INIT INFO 3# Provides: auditd 4# Required-Start: $local_fs 5# Required-Stop: $local_fs 6# Default-Start: 2 3 4 5 7# Default-Stop: 0 1 6 8# Short-Description: Audit Daemon 9# Description: Collects audit information from Linux 2.6 Kernels. 10### END INIT INFO 11 12# Author: Philipp Matthias Hahn <pmhahn@debian.org> 13# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init 14 15# June, 2012: Adopted for yocto <amy.fong@windriver.com> 16 17# PATH should only include /usr/* if it runs after the mountnfs.sh script 18PATH=/sbin:/bin:/usr/sbin:/usr/bin 19DESC="audit daemon" 20NAME=auditd 21DAEMON=/sbin/auditd 22PIDFILE=/var/run/"$NAME".pid 23SCRIPTNAME=/etc/init.d/"$NAME" 24 25# Exit if the package is not installed 26[ -x "$DAEMON" ] || exit 0 27 28# Read configuration variable file if it is present 29[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME" 30 31. /etc/default/rcS 32 33. /etc/init.d/functions 34 35# 36# Function that starts the daemon/service 37# 38do_start() 39{ 40 # Return 41 # 0 if daemon has been started 42 # 1 if daemon was already running 43 # 2 if daemon could not be started 44 start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \ 45 || return 1 46 start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \ 47 $EXTRAOPTIONS \ 48 || return 2 49 if [ -f /etc/audit/audit.rules ] 50 then 51 /sbin/auditctl -R /etc/audit/audit.rules >/dev/null 52 fi 53} 54 55# 56# Function that stops the daemon/service 57# 58do_stop() 59{ 60 # Return 61 # 0 if daemon has been stopped 62 # 1 if daemon was already stopped 63 # 2 if daemon could not be stopped 64 # other if a failure occurred 65 start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME" 66 RETVAL="$?" 67 [ "$RETVAL" = 2 ] && return 2 68 # Many daemons don't delete their pidfiles when they exit. 69 rm -f "$PIDFILE" 70 rm -f /var/run/audit_events 71 # Remove watches so shutdown works cleanly 72 case "$AUDITD_CLEAN_STOP" in 73 no|NO) ;; 74 *) /sbin/auditctl -D >/dev/null ;; 75 esac 76 return "$RETVAL" 77} 78 79# 80# Function that sends a SIGHUP to the daemon/service 81# 82do_reload() { 83 start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME 84 return 0 85} 86 87if [ ! -e /var/log/audit ]; then 88 mkdir -p /var/log/audit 89 [ -x /sbin/restorecon ] && /sbin/restorecon -F $(readlink -f /var/log/audit) 90fi 91 92case "$1" in 93 start) 94 [ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME" 95 do_start 96 case "$?" in 97 0|1) [ "$VERBOSE" != no ] && echo 0 ;; 98 2) [ "$VERBOSE" != no ] && echo 1 ;; 99 esac 100 ;; 101 stop) 102 [ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME" 103 do_stop 104 case "$?" in 105 0|1) [ "$VERBOSE" != no ] && echo 0 ;; 106 2) [ "$VERBOSE" != no ] && echo 1 ;; 107 esac 108 ;; 109 reload|force-reload) 110 echo "Reloading $DESC" "$NAME" 111 do_reload 112 echo $? 113 ;; 114 restart) 115 echo "Restarting $DESC" "$NAME" 116 do_stop 117 case "$?" in 118 0|1) 119 do_start 120 case "$?" in 121 0) echo 0 ;; 122 1) echo 1 ;; # Old process is still running 123 *) echo 1 ;; # Failed to start 124 esac 125 ;; 126 *) 127 # Failed to stop 128 echo 1 129 ;; 130 esac 131 ;; 132 rotate) 133 echo "Rotating $DESC logs" "$NAME" 134 start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME" 135 echo $? 136 ;; 137 status) 138 pidofproc "$DAEMON" >/dev/null 139 status=$? 140 if [ $status -eq 0 ]; then 141 echo "$NAME is running." 142 else 143 echo "$NAME is not running." 144 fi 145 exit $status 146 ;; 147 *) 148 echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2 149 exit 3 150 ;; 151esac 152 153: 154