| #!/sbin/runscript |
| # Copyright 1999-2011 Gentoo Foundation |
| # Distributed under the terms of the GNU General Public License v2 |
| # $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $ |
| |
| extra_started_commands='reload reload_auditd reload_rules' |
| description='Linux Auditing System' |
| description_reload='Reload daemon configuration and rules' |
| description_reload_rules='Reload daemon rules' |
| description_reload_auditd='Reload daemon configuration' |
| |
| name='auditd' |
| pidfile='/var/run/auditd.pid' |
| command='/sbin/auditd' |
| |
| start_auditd() { |
| # Env handling taken from the upstream init script |
| if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then |
| unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE |
| else |
| LANG="$AUDITD_LANG" |
| LC_TIME="$AUDITD_LANG" |
| LC_ALL="$AUDITD_LANG" |
| LC_MESSAGES="$AUDITD_LANG" |
| LC_NUMERIC="$AUDITD_LANG" |
| LC_MONETARY="$AUDITD_LANG" |
| LC_COLLATE="$AUDITD_LANG" |
| export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE |
| fi |
| unset HOME MAIL USER USERNAME |
| |
| ebegin "Starting ${name}" |
| start-stop-daemon \ |
| --start --quiet --pidfile ${pidfile} \ |
| --exec ${command} -- ${EXTRAOPTIONS} |
| local ret=$? |
| eend $ret |
| return $ret |
| } |
| |
| stop_auditd() { |
| ebegin "Stopping ${name}" |
| start-stop-daemon --stop --quiet --pidfile ${pidfile} |
| local ret=$? |
| eend $ret |
| return $ret |
| } |
| |
| |
| loadfile() { |
| local rules="$1" |
| if [ -n "${rules}" -a -f "${rules}" ]; then |
| einfo "Loading audit rules from ${rules}" |
| /sbin/auditctl -R "${rules}" 1>/dev/null |
| return $? |
| else |
| return 0 |
| fi |
| } |
| |
| start() { |
| start_auditd |
| local ret=$? |
| if [ $ret -eq 0 -a "${RC_CMD}" != "restart" ]; then |
| touch /var/lock/subsys/${name} |
| loadfile "${RULEFILE_STARTUP}" |
| fi |
| return $ret |
| } |
| |
| reload_rules() { |
| loadfile "${RULEFILE_STARTUP}" |
| } |
| |
| reload_auditd() { |
| [ -f ${pidfile} ] && kill -HUP `cat ${pidfile}` |
| } |
| |
| reload() { |
| reload_auditd |
| reload_rules |
| } |
| |
| stop() { |
| [ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_PRE}" |
| stop_auditd |
| rm -f /var/lock/subsys/${name} |
| local ret=$? |
| [ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_POST}" |
| return $ret |
| } |
| |
| # This is a special case, we do not want to touch the rules at all |
| restart() { |
| stop_auditd |
| start_auditd |
| } |