Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

audit: Add startup script

The startup script for the audit package did not meet the buildroot
standards when the package was initially merged. Adding a compliant
startup script for starting the audit daemon along with rotating the
logs and other features.

[Thomas:
  - Replace "Failed" by "FAIL" to be consistent with the rest of the
    init script and other packages
  - Use $(INSTALL) -D with a complete destination path to avoid having
    to create /etc/init.d before installing the init script.]

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Clayton Shotwell 10 years ago
parent
58b2598a3d
commit
7e068bb5ff
2 changed files with 84 additions and 0 deletions
Split View Show Diff Stats
  1. 80 0
      package/audit/S01auditd
  2. 4 0
      package/audit/audit.mk

+ 80 - 0
package/audit/S01auditd
View File 

@@ -0,0 +1,80 @@
 
+#!/bin/sh
 
+#
 
+# auditd       This starts and stops auditd
 
+#
 
+# description: This starts the Linux Auditing System Daemon,
 
+#              which collects security related events in a dedicated
 
+#              audit log. If this daemon is turned off, audit events
 
+#              will be sent to syslog.
 
+#
 
+
 
+NAME=auditd
 
+DAEMON=/usr/sbin/${NAME}
 
+CONFIG=/etc/audit/auditd.conf
 
+PIDFILE=/var/run/${NAME}.pid
 
+
 
+start(){
 
+	echo -n "Starting ${NAME}: "
 
+
 
+	# Create dir to store log files in if one doesn't exist. Create
 
+	# the directory with SELinux permissions if possible
 
+	command -v matchpathcon >/dev/null 2>&1
 
+	if [ $? = 0 ]; then
 
+		mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit`
 
+	else
 
+		mkdir -p /var/log/audit
 
+	fi
 
+
 
+	# Run audit daemon executable
 
+	start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON}
 
+
 
+	if [ $? = 0 ]; then
 
+		# Load the default rules
 
+		test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null
 
+		echo "OK"
 
+	else
 
+		echo "FAIL"
 
+	fi
 
+}
 
+
 
+stop(){
 
+	echo -n "Stopping ${NAME}: "
 
+
 
+	start-stop-daemon -K -q -p ${PIDFILE}
 
+	[ $? = 0 ] && echo "OK" || echo "FAIL"
 
+}
 
+
 
+reload(){
 
+	echo -n "Reloading ${NAME} configuration: "
 
+	start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null
 
+	[ $? = 0 ] && echo "OK" || echo "FAIL"
 
+}
 
+
 
+rotate(){
 
+	echo -n "Rotating ${NAME} logs: "
 
+	start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null
 
+	[ $? = 0 ] && echo "OK" || echo "FAIL"
 
+}
 
+
 
+case "$1" in
 
+	start)
 
+		start
 
+		;;
 
+	stop)
 
+		stop
 
+		;;
 
+	restart)
 
+		stop
 
+		start
 
+		;;
 
+	reload)
 
+		reload
 
+		;;
 
+	rotate)
 
+		rotate
 
+		;;
 
+	*)
 
+		echo "Usage: $0 {start|stop|restart|reload|rotate}"
 
+		exit 1
 
+		;;
 
+esac

+ 4 - 0
package/audit/audit.mk
View File 

@@ -34,6 +34,10 @@ ifeq ($(BR2_aarch64),y)
 
 AUDIT_CONF_OPTS += --with-aarch64
 
 endif
 
 
+define AUDIT_INSTALL_INIT_SYSV
 
+	$(INSTALL) -D -m 755 package/audit/S01auditd $(TARGET_DIR)/etc/init.d/S01auditd
 
+endef
 
+
 
 define AUDIT_INSTALL_CLEANUP
 
 	$(RM) -rf $(TARGET_DIR)/etc/rc.d
 
 	$(RM) -rf $(TARGET_DIR)/etc/sysconfig