Sophie: audit-2.2.3-1.mga3 x86

audit-2.2.3-1.mga3.x86_64.rpm

#!/bin/bash
#
# auditd        This starts and stops auditd
#
# chkconfig: 2345 11 88
# description: This starts the Linux Auditing System Daemon, \
#              which collects security related events in a dedicated \
#              audit log. If this daemon is turned off, audit events \
#              will be sent to syslog.
#
# processname: /sbin/auditd
# config: /etc/sysconfig/auditd
# config: /etc/audit/auditd.conf
# pidfile: /var/run/auditd.pid
#
### BEGIN INIT INFO
# Provides:          auditd
# Required-Start:    $local_fs
# Required-Stop:     $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Audit Daemon
# Description:       Collects audit information from Linux 2.6 Kernels.
### END INIT INFO
#
# Return values according to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#


PATH=/sbin:/bin:/usr/bin:/usr/sbin
prog="auditd"

# Source function library.
. /etc/init.d/functions

# Allow anyone to run status
if [ "$1" = "status" ] ; then
	status $prog
	RETVAL=$?
	exit $RETVAL
fi

# Check that we are root ... so non-root users stop here
test $EUID = 0  ||  exit 4

# Check config
test -f /etc/sysconfig/auditd && . /etc/sysconfig/auditd

RETVAL=0

start(){
	test -x /sbin/auditd  || exit 5
	test -f /etc/audit/auditd.conf  || exit 6

	gprintf "Starting %s: " "$prog"

# Localization for auditd is controlled in /etc/synconfig/auditd
	if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
		unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
	else
		LANG="$AUDITD_LANG"
		LC_TIME="$AUDITD_LANG"
		LC_ALL="$AUDITD_LANG"
		LC_MESSAGES="$AUDITD_LANG"
		LC_NUMERIC="$AUDITD_LANG"
		LC_MONETARY="$AUDITD_LANG"
		LC_COLLATE="$AUDITD_LANG"
		export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
	fi
	unset HOME MAIL USER USERNAME
	daemon $prog "$EXTRAOPTIONS"
	RETVAL=$?
	echo
	if test $RETVAL = 0 ; then
		touch /var/lock/subsys/auditd
		# Load the default rules
		test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
	fi
	return $RETVAL
}

stop(){
	gprintf "Stopping %s: " "$prog"
	killproc $prog
	RETVAL=$?
	echo
	rm -f /var/lock/subsys/auditd
	# Remove watches so shutdown works cleanly
	if test x"$AUDITD_CLEAN_STOP" != "x" ; then
		if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no"
		then
			/sbin/auditctl -D >/dev/null
		fi
	fi
	if test x"$AUDITD_STOP_DISABLE" != "x" ; then
		if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no"
		then
			/sbin/auditctl -e 0 >/dev/null
		fi
	fi
	return $RETVAL
}

reload(){
	test -f /etc/audit/auditd.conf  || exit 6
	gprintf "Reloading configuration: "	
	killproc $prog -HUP
	RETVAL=$?
	echo
	return $RETVAL
}

rotate(){
	gprintf "Rotating logs: "	
	killproc $prog -USR1
	RETVAL=$?
	echo
	return $RETVAL
}

resume(){
	gprintf "Resuming logging: "	
	killproc $prog -USR2
	RETVAL=$?
	echo
	return $RETVAL
}

restart(){
	test -f /etc/audit/auditd.conf  || exit 6
	stop
	start
}

condrestart(){
	[ -e /var/lock/subsys/auditd ] && restart
	return 0
}


# See how we were called.
case "$1" in
    start)
	start
	;;
    stop)
	stop
	;;
    restart)
	restart
	;;
    reload|force-reload)
	reload
	;;
    rotate)
	rotate
	;;
    resume)
	resume
	;;
    condrestart|try-restart)
	condrestart
	;;
    *)
	gprintf "Usage: %s {start|stop|status|restart|condrestart|try-restart|reload|force-reload|rotate|resume}\n" "$0"
	RETVAL=3
esac

exit $RETVAL