diff options
| author | Clayton Shotwell <clayton.shotwell@rockwellcollins.com> | 2015-07-14 15:20:27 -0500 |
|---|---|---|
| committer | Thomas Petazzoni <thomas.petazzoni@free-electrons.com> | 2015-07-19 22:51:43 +0200 |
| commit | 7e068bb5ff6815f50e7ce729b67e831d0d8d4ed1 (patch) | |
| tree | ac9e39192200d18868bdd0b1f5dd2d3b3ae71415 /package/audit | |
| parent | 58b2598a3d7089c26143fcb2c97163dca8ddea5b (diff) | |
| download | buildroot-7e068bb5ff6815f50e7ce729b67e831d0d8d4ed1.tar.gz buildroot-7e068bb5ff6815f50e7ce729b67e831d0d8d4ed1.zip | |
audit: Add startup script
The startup script for the audit package did not meet the buildroot
standards when the package was initially merged. Adding a compliant
startup script for starting the audit daemon along with rotating the
logs and other features.
[Thomas:
- Replace "Failed" by "FAIL" to be consistent with the rest of the
init script and other packages
- Use $(INSTALL) -D with a complete destination path to avoid having
to create /etc/init.d before installing the init script.]
Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/audit')
| -rw-r--r-- | package/audit/S01auditd | 80 | ||||
| -rw-r--r-- | package/audit/audit.mk | 4 |
2 files changed, 84 insertions, 0 deletions
diff --git a/package/audit/S01auditd b/package/audit/S01auditd new file mode 100644 index 0000000000..94857394bc --- /dev/null +++ b/package/audit/S01auditd @@ -0,0 +1,80 @@ +#!/bin/sh +# +# auditd This starts and stops auditd +# +# description: This starts the Linux Auditing System Daemon, +# which collects security related events in a dedicated +# audit log. If this daemon is turned off, audit events +# will be sent to syslog. +# + +NAME=auditd +DAEMON=/usr/sbin/${NAME} +CONFIG=/etc/audit/auditd.conf +PIDFILE=/var/run/${NAME}.pid + +start(){ + echo -n "Starting ${NAME}: " + + # Create dir to store log files in if one doesn't exist. Create + # the directory with SELinux permissions if possible + command -v matchpathcon >/dev/null 2>&1 + if [ $? = 0 ]; then + mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit` + else + mkdir -p /var/log/audit + fi + + # Run audit daemon executable + start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON} + + if [ $? = 0 ]; then + # Load the default rules + test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null + echo "OK" + else + echo "FAIL" + fi +} + +stop(){ + echo -n "Stopping ${NAME}: " + + start-stop-daemon -K -q -p ${PIDFILE} + [ $? = 0 ] && echo "OK" || echo "FAIL" +} + +reload(){ + echo -n "Reloading ${NAME} configuration: " + start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null + [ $? = 0 ] && echo "OK" || echo "FAIL" +} + +rotate(){ + echo -n "Rotating ${NAME} logs: " + start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null + [ $? = 0 ] && echo "OK" || echo "FAIL" +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + stop + start + ;; + reload) + reload + ;; + rotate) + rotate + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|rotate}" + exit 1 + ;; +esac diff --git a/package/audit/audit.mk b/package/audit/audit.mk index ab3e087b09..e30f88682e 100644 --- a/package/audit/audit.mk +++ b/package/audit/audit.mk @@ -34,6 +34,10 @@ ifeq ($(BR2_aarch64),y) AUDIT_CONF_OPTS += --with-aarch64 endif +define AUDIT_INSTALL_INIT_SYSV + $(INSTALL) -D -m 755 package/audit/S01auditd $(TARGET_DIR)/etc/init.d/S01auditd +endef + define AUDIT_INSTALL_CLEANUP $(RM) -rf $(TARGET_DIR)/etc/rc.d $(RM) -rf $(TARGET_DIR)/etc/sysconfig |
