aboutsummaryrefslogtreecommitdiff
path: root/package/audit
diff options
context:
space:
mode:
authorGravatar Clayton Shotwell <clayton.shotwell@rockwellcollins.com>2015-07-14 15:20:27 -0500
committerGravatar Thomas Petazzoni <thomas.petazzoni@free-electrons.com>2015-07-19 22:51:43 +0200
commit7e068bb5ff6815f50e7ce729b67e831d0d8d4ed1 (patch)
treeac9e39192200d18868bdd0b1f5dd2d3b3ae71415 /package/audit
parent58b2598a3d7089c26143fcb2c97163dca8ddea5b (diff)
downloadbuildroot-7e068bb5ff6815f50e7ce729b67e831d0d8d4ed1.tar.gz
buildroot-7e068bb5ff6815f50e7ce729b67e831d0d8d4ed1.tar.bz2
audit: Add startup script
The startup script for the audit package did not meet the buildroot standards when the package was initially merged. Adding a compliant startup script for starting the audit daemon along with rotating the logs and other features. [Thomas: - Replace "Failed" by "FAIL" to be consistent with the rest of the init script and other packages - Use $(INSTALL) -D with a complete destination path to avoid having to create /etc/init.d before installing the init script.] Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Diffstat (limited to 'package/audit')
-rw-r--r--package/audit/S01auditd80
-rw-r--r--package/audit/audit.mk4
2 files changed, 84 insertions, 0 deletions
diff --git a/package/audit/S01auditd b/package/audit/S01auditd
new file mode 100644
index 0000000000..94857394bc
--- /dev/null
+++ b/package/audit/S01auditd
@@ -0,0 +1,80 @@
+#!/bin/sh
+#
+# auditd This starts and stops auditd
+#
+# description: This starts the Linux Auditing System Daemon,
+# which collects security related events in a dedicated
+# audit log. If this daemon is turned off, audit events
+# will be sent to syslog.
+#
+
+NAME=auditd
+DAEMON=/usr/sbin/${NAME}
+CONFIG=/etc/audit/auditd.conf
+PIDFILE=/var/run/${NAME}.pid
+
+start(){
+ echo -n "Starting ${NAME}: "
+
+ # Create dir to store log files in if one doesn't exist. Create
+ # the directory with SELinux permissions if possible
+ command -v matchpathcon >/dev/null 2>&1
+ if [ $? = 0 ]; then
+ mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit`
+ else
+ mkdir -p /var/log/audit
+ fi
+
+ # Run audit daemon executable
+ start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON}
+
+ if [ $? = 0 ]; then
+ # Load the default rules
+ test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null
+ echo "OK"
+ else
+ echo "FAIL"
+ fi
+}
+
+stop(){
+ echo -n "Stopping ${NAME}: "
+
+ start-stop-daemon -K -q -p ${PIDFILE}
+ [ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+
+reload(){
+ echo -n "Reloading ${NAME} configuration: "
+ start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null
+ [ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+
+rotate(){
+ echo -n "Rotating ${NAME} logs: "
+ start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null
+ [ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ reload)
+ reload
+ ;;
+ rotate)
+ rotate
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|reload|rotate}"
+ exit 1
+ ;;
+esac
diff --git a/package/audit/audit.mk b/package/audit/audit.mk
index ab3e087b09..e30f88682e 100644
--- a/package/audit/audit.mk
+++ b/package/audit/audit.mk
@@ -34,6 +34,10 @@ ifeq ($(BR2_aarch64),y)
AUDIT_CONF_OPTS += --with-aarch64
endif
+define AUDIT_INSTALL_INIT_SYSV
+ $(INSTALL) -D -m 755 package/audit/S01auditd $(TARGET_DIR)/etc/init.d/S01auditd
+endef
+
define AUDIT_INSTALL_CLEANUP
$(RM) -rf $(TARGET_DIR)/etc/rc.d
$(RM) -rf $(TARGET_DIR)/etc/sysconfig