kumquat-buildroot/package/audit/S01auditd

81 lines
1.6 KiB
Plaintext
Raw Normal View History

#!/bin/sh
#
# auditd This starts and stops auditd
#
# description: This starts the Linux Auditing System Daemon,
# which collects security related events in a dedicated
# audit log. If this daemon is turned off, audit events
# will be sent to syslog.
#
NAME=auditd
DAEMON=/usr/sbin/${NAME}
CONFIG=/etc/audit/auditd.conf
PIDFILE=/var/run/${NAME}.pid
start(){
printf "Starting ${NAME}: "
# Create dir to store log files in if one doesn't exist. Create
# the directory with SELinux permissions if possible
command -v matchpathcon >/dev/null 2>&1
if [ $? = 0 ]; then
mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit`
else
mkdir -p /var/log/audit
fi
# Run audit daemon executable
start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON}
if [ $? = 0 ]; then
# Load the default rules
test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null
echo "OK"
else
echo "FAIL"
fi
}
stop(){
printf "Stopping ${NAME}: "
start-stop-daemon -K -q -p ${PIDFILE}
[ $? = 0 ] && echo "OK" || echo "FAIL"
}
reload(){
printf "Reloading ${NAME} configuration: "
start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null
[ $? = 0 ] && echo "OK" || echo "FAIL"
}
rotate(){
printf "Rotating ${NAME} logs: "
start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null
[ $? = 0 ] && echo "OK" || echo "FAIL"
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
rotate)
rotate
;;
*)
echo "Usage: $0 {start|stop|restart|reload|rotate}"
exit 1
;;
esac