diff options
| author | Carlos Santos <casantos@datacom.com.br> | 2018-11-03 13:42:42 -0300 |
|---|---|---|
| committer | Thomas Petazzoni <thomas.petazzoni@bootlin.com> | 2018-11-03 22:21:53 +0100 |
| commit | 6fe5fe4c4d034bd471a9ed28e5fba81475ae09ec (patch) | |
| tree | c498d54b0f041c211e08e349f673810d923dbc25 /package/audit/S02auditd | |
| parent | 4be494b8045b51ddc41cec370950a95bc72fba55 (diff) | |
| download | buildroot-6fe5fe4c4d034bd471a9ed28e5fba81475ae09ec.tar.gz buildroot-6fe5fe4c4d034bd471a9ed28e5fba81475ae09ec.zip | |
package/audit: ensure that it starts after the logging daemon
audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Diffstat (limited to 'package/audit/S02auditd')
| -rw-r--r-- | package/audit/S02auditd | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/package/audit/S02auditd b/package/audit/S02auditd new file mode 100644 index 0000000000..2ecf0f1df9 --- /dev/null +++ b/package/audit/S02auditd @@ -0,0 +1,80 @@ +#!/bin/sh +# +# auditd This starts and stops auditd +# +# description: This starts the Linux Auditing System Daemon, +# which collects security related events in a dedicated +# audit log. If this daemon is turned off, audit events +# will be sent to syslog. +# + +NAME=auditd +DAEMON=/usr/sbin/${NAME} +CONFIG=/etc/audit/auditd.conf +PIDFILE=/var/run/${NAME}.pid + +start(){ + printf "Starting ${NAME}: " + + # Create dir to store log files in if one doesn't exist. Create + # the directory with SELinux permissions if possible + command -v matchpathcon >/dev/null 2>&1 + if [ $? = 0 ]; then + mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit` + else + mkdir -p /var/log/audit + fi + + # Run audit daemon executable + start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON} + + if [ $? = 0 ]; then + # Load the default rules + test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null + echo "OK" + else + echo "FAIL" + fi +} + +stop(){ + printf "Stopping ${NAME}: " + + start-stop-daemon -K -q -p ${PIDFILE} + [ $? = 0 ] && echo "OK" || echo "FAIL" +} + +reload(){ + printf "Reloading ${NAME} configuration: " + start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null + [ $? = 0 ] && echo "OK" || echo "FAIL" +} + +rotate(){ + printf "Rotating ${NAME} logs: " + start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null + [ $? = 0 ] && echo "OK" || echo "FAIL" +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + reload) + reload + ;; + rotate) + rotate + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|rotate}" + exit 1 + ;; +esac |
