audit: Add startup script
The startup script for the audit package did not meet the buildroot
standards when the package was initially merged. Adding a compliant
startup script for starting the audit daemon along with rotating the
logs and other features.
[Thomas:
- Replace "Failed" by "FAIL" to be consistent with the rest of the
init script and other packages
- Use $(INSTALL) -D with a complete destination path to avoid having
to create /etc/init.d before installing the init script.]
Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Clayton Shotwell
Thomas Petazzoni
parent
58b2598a3d
commit
7e068bb5ff
80
package/audit/S01auditd
Normal file
80
package/audit/S01auditd
Normal file
@ -0,0 +1,80 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# auditd This starts and stops auditd
|
||||
#
|
||||
# description: This starts the Linux Auditing System Daemon,
|
||||
# which collects security related events in a dedicated
|
||||
# audit log. If this daemon is turned off, audit events
|
||||
# will be sent to syslog.
|
||||
#
|
||||
|
||||
NAME=auditd
|
||||
DAEMON=/usr/sbin/${NAME}
|
||||
CONFIG=/etc/audit/auditd.conf
|
||||
PIDFILE=/var/run/${NAME}.pid
|
||||
|
||||
start(){
|
||||
echo -n "Starting ${NAME}: "
|
||||
|
||||
# Create dir to store log files in if one doesn't exist. Create
|
||||
# the directory with SELinux permissions if possible
|
||||
command -v matchpathcon >/dev/null 2>&1
|
||||
if [ $? = 0 ]; then
|
||||
mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit`
|
||||
else
|
||||
mkdir -p /var/log/audit
|
||||
fi
|
||||
|
||||
# Run audit daemon executable
|
||||
start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON}
|
||||
|
||||
if [ $? = 0 ]; then
|
||||
# Load the default rules
|
||||
test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null
|
||||
echo "OK"
|
||||
else
|
||||
echo "FAIL"
|
||||
fi
|
||||
}
|
||||
|
||||
stop(){
|
||||
echo -n "Stopping ${NAME}: "
|
||||
|
||||
start-stop-daemon -K -q -p ${PIDFILE}
|
||||
[ $? = 0 ] && echo "OK" || echo "FAIL"
|
||||
}
|
||||
|
||||
reload(){
|
||||
echo -n "Reloading ${NAME} configuration: "
|
||||
start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null
|
||||
[ $? = 0 ] && echo "OK" || echo "FAIL"
|
||||
}
|
||||
|
||||
rotate(){
|
||||
echo -n "Rotating ${NAME} logs: "
|
||||
start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null
|
||||
[ $? = 0 ] && echo "OK" || echo "FAIL"
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
start)
|
||||
start
|
||||
;;
|
||||
stop)
|
||||
stop
|
||||
;;
|
||||
restart)
|
||||
stop
|
||||
start
|
||||
;;
|
||||
reload)
|
||||
reload
|
||||
;;
|
||||
rotate)
|
||||
rotate
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart|reload|rotate}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
@ -34,6 +34,10 @@ ifeq ($(BR2_aarch64),y)
|
||||
AUDIT_CONF_OPTS += --with-aarch64
|
||||
endif
|
||||
|
||||
define AUDIT_INSTALL_INIT_SYSV
|
||||
$(INSTALL) -D -m 755 package/audit/S01auditd $(TARGET_DIR)/etc/init.d/S01auditd
|
||||
endef
|
||||
|
||||
define AUDIT_INSTALL_CLEANUP
|
||||
$(RM) -rf $(TARGET_DIR)/etc/rc.d
|
||||
$(RM) -rf $(TARGET_DIR)/etc/sysconfig
|
||||
|
||||
Loading…
Reference in New Issue
Block a user