forked from pool/audit
Accepting request 160635 from home:elvigia:branches:security
- remove sysvinit scripts. OBS-URL: https://build.opensuse.org/request/show/160635 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=45
This commit is contained in:
parent
11f82fb426
commit
bb9092a477
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 22 19:35:47 UTC 2013 - crrodriguez@opensuse.org
|
||||||
|
|
||||||
|
- remove sysvinit scripts.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Jan 30 23:19:33 UTC 2013 - crrodriguez@opensuse.org
|
Wed Jan 30 23:19:33 UTC 2013 - crrodriguez@opensuse.org
|
||||||
|
|
||||||
|
10
audit.spec
10
audit.spec
@ -24,7 +24,6 @@ Version: 2.2.2
|
|||||||
Release: 0
|
Release: 0
|
||||||
Url: http://people.redhat.com/sgrubb/audit/
|
Url: http://people.redhat.com/sgrubb/audit/
|
||||||
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
|
||||||
Source1: auditd.init
|
|
||||||
Source2: auditd.sysconfig
|
Source2: auditd.sysconfig
|
||||||
Source3: baselibs.conf
|
Source3: baselibs.conf
|
||||||
Source4: README-BEFORE-ADDING-PATCHES
|
Source4: README-BEFORE-ADDING-PATCHES
|
||||||
@ -119,8 +118,6 @@ cp %{SOURCE2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.auditd
|
|||||||
rm -rf $RPM_BUILD_ROOT/etc/sysconfig/auditd
|
rm -rf $RPM_BUILD_ROOT/etc/sysconfig/auditd
|
||||||
rm -rf $RPM_BUILD_ROOT/etc/init.d/auditd
|
rm -rf $RPM_BUILD_ROOT/etc/init.d/auditd
|
||||||
rm -rf $RPM_BUILD_ROOT/etc/rc.d/init.d
|
rm -rf $RPM_BUILD_ROOT/etc/rc.d/init.d
|
||||||
install -c -m 755 %{SOURCE1} $RPM_BUILD_ROOT/etc/init.d/auditd
|
|
||||||
ln -s /etc/init.d/auditd $RPM_BUILD_ROOT/usr/sbin/rcauditd
|
|
||||||
mkdir -p $RPM_BUILD_ROOT/var/log/audit/
|
mkdir -p $RPM_BUILD_ROOT/var/log/audit/
|
||||||
touch $RPM_BUILD_ROOT/var/log/audit/audit.log
|
touch $RPM_BUILD_ROOT/var/log/audit/audit.log
|
||||||
mkdir -p $RPM_BUILD_ROOT/var/spool/audit/
|
mkdir -p $RPM_BUILD_ROOT/var/spool/audit/
|
||||||
@ -142,7 +139,7 @@ make check
|
|||||||
%postun -n libauparse0 -p /sbin/ldconfig
|
%postun -n libauparse0 -p /sbin/ldconfig
|
||||||
|
|
||||||
%post
|
%post
|
||||||
%{fillup_and_insserv -yn auditd auditd}
|
%{fillup_only -n auditd}
|
||||||
# Save existing audit files if any (from old location)
|
# Save existing audit files if any (from old location)
|
||||||
if [ -f /etc/auditd.conf ]; then
|
if [ -f /etc/auditd.conf ]; then
|
||||||
mv /etc/audit/auditd.conf /etc/audit/auditd.conf.new
|
mv /etc/audit/auditd.conf /etc/audit/auditd.conf.new
|
||||||
@ -158,12 +155,9 @@ fi
|
|||||||
%service_add_pre auditd.service
|
%service_add_pre auditd.service
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%stop_on_removal auditd
|
|
||||||
%service_del_preun auditd.service
|
%service_del_preun auditd.service
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
%restart_on_update auditd
|
|
||||||
%{insserv_cleanup}
|
|
||||||
%service_del_postun auditd.service
|
%service_del_postun auditd.service
|
||||||
|
|
||||||
%files -n libaudit1
|
%files -n libaudit1
|
||||||
@ -209,7 +203,6 @@ fi
|
|||||||
%attr(750,root,root) /usr/sbin/auditd
|
%attr(750,root,root) /usr/sbin/auditd
|
||||||
%attr(755,root,root) /sbin/ausearch
|
%attr(755,root,root) /sbin/ausearch
|
||||||
%attr(755,root,root) /usr/sbin/ausearch
|
%attr(755,root,root) /usr/sbin/ausearch
|
||||||
%attr(750,root,root) /usr/sbin/rcauditd
|
|
||||||
%attr(750,root,root) /sbin/autrace
|
%attr(750,root,root) /sbin/autrace
|
||||||
%attr(750,root,root) /usr/sbin/autrace
|
%attr(750,root,root) /usr/sbin/autrace
|
||||||
%attr(750,root,root) /sbin/audispd
|
%attr(750,root,root) /sbin/audispd
|
||||||
@ -220,7 +213,6 @@ fi
|
|||||||
%attr(755,root,root) /sbin/aureport
|
%attr(755,root,root) /sbin/aureport
|
||||||
%attr(755,root,root) /usr/sbin/aureport
|
%attr(755,root,root) /usr/sbin/aureport
|
||||||
%attr(755,root,root) /usr/bin/auvirt
|
%attr(755,root,root) /usr/bin/auvirt
|
||||||
/etc/init.d/auditd
|
|
||||||
%dir %attr(750,root,root) /etc/audit
|
%dir %attr(750,root,root) /etc/audit
|
||||||
%attr(750,root,root) %dir /etc/audisp
|
%attr(750,root,root) %dir /etc/audisp
|
||||||
%attr(750,root,root) %dir /etc/audisp/plugins.d
|
%attr(750,root,root) %dir /etc/audisp/plugins.d
|
||||||
|
214
auditd.init
214
auditd.init
@ -1,214 +0,0 @@
|
|||||||
#! /bin/sh
|
|
||||||
# Copyright (c) 1995-2004 SUSE Linux AG, Nuernberg, Germany.
|
|
||||||
# All rights reserved.
|
|
||||||
#
|
|
||||||
# Author: Kurt Garloff
|
|
||||||
# Please send feedback to http://www.suse.de/feedback/
|
|
||||||
#
|
|
||||||
# /etc/init.d/auditd
|
|
||||||
# and its symbolic link
|
|
||||||
# /(usr/)sbin/rcauditd
|
|
||||||
#
|
|
||||||
# Template system startup script for some example service/daemon auditd
|
|
||||||
#
|
|
||||||
# LSB compatible service control script; see http://www.linuxbase.org/spec/
|
|
||||||
#
|
|
||||||
# Note: This template uses functions rc_XXX defined in /etc/rc.status on
|
|
||||||
# UnitedLinux (UL) based Linux distributions. If you want to base your
|
|
||||||
# script on this template and ensure that it works on non UL based LSB
|
|
||||||
# compliant Linux distributions, you either have to provide the rc.status
|
|
||||||
# functions from UL or change the script to work without them.
|
|
||||||
#
|
|
||||||
### BEGIN INIT INFO
|
|
||||||
# Provides: auditd
|
|
||||||
# Required-Start: $syslog
|
|
||||||
# Should-Start:
|
|
||||||
# Required-Stop: $syslog
|
|
||||||
# Should-Stop:
|
|
||||||
# Default-Start: 3 5
|
|
||||||
# Default-Stop: 0 1 2 6
|
|
||||||
# Short-Description: auditd daemon providing core auditing services
|
|
||||||
# Description: Starts the auditing subsystem.
|
|
||||||
### END INIT INFO
|
|
||||||
#
|
|
||||||
# A registry has been set up to manage the init script namespace.
|
|
||||||
# http://www.lanana.org/
|
|
||||||
# Please use the names already registered or register one or use a
|
|
||||||
# vendor prefix.
|
|
||||||
|
|
||||||
|
|
||||||
# Check for missing binaries (stale symlinks should not happen)
|
|
||||||
# Note: Special treatment of stop for LSB conformance
|
|
||||||
AUDITD_BIN=/usr/sbin/auditd
|
|
||||||
test -x $AUDITD_BIN || { echo "$AUDITD_BIN not installed";
|
|
||||||
if [ "$1" = "stop" ]; then exit 0;
|
|
||||||
else exit 5; fi; }
|
|
||||||
|
|
||||||
# Check for existence of needed config file and read it
|
|
||||||
AUDITD_CONFIG=/etc/sysconfig/auditd
|
|
||||||
test -r $AUDITD_CONFIG || { echo "$AUDITD_CONFIG not existing";
|
|
||||||
if [ "$1" = "stop" ]; then exit 0;
|
|
||||||
else exit 6; fi; }
|
|
||||||
|
|
||||||
# Read config
|
|
||||||
. $AUDITD_CONFIG
|
|
||||||
|
|
||||||
# Source LSB init functions
|
|
||||||
# providing start_daemon, killproc, pidofproc,
|
|
||||||
# log_success_msg, log_failure_msg and log_warning_msg.
|
|
||||||
# This is currently not used by UnitedLinux based distributions and
|
|
||||||
# not needed for init scripts for UnitedLinux only. If it is used,
|
|
||||||
# the functions from rc.status should not be sourced or used.
|
|
||||||
#. /lib/lsb/init-functions
|
|
||||||
|
|
||||||
# Shell functions sourced from /etc/rc.status:
|
|
||||||
# rc_check check and set local and overall rc status
|
|
||||||
# rc_status check and set local and overall rc status
|
|
||||||
# rc_status -v be verbose in local rc status and clear it afterwards
|
|
||||||
# rc_status -v -r ditto and clear both the local and overall rc status
|
|
||||||
# rc_status -s display "skipped" and exit with status 3
|
|
||||||
# rc_status -u display "unused" and exit with status 3
|
|
||||||
# rc_failed set local and overall rc status to failed
|
|
||||||
# rc_failed <num> set local and overall rc status to <num>
|
|
||||||
# rc_reset clear both the local and overall rc status
|
|
||||||
# rc_exit exit appropriate to overall rc status
|
|
||||||
# rc_active checks whether a service is activated by symlinks
|
|
||||||
# rc_splash arg sets the boot splash screen to arg (if active)
|
|
||||||
. /etc/rc.status
|
|
||||||
|
|
||||||
# Reset status of this service
|
|
||||||
rc_reset
|
|
||||||
|
|
||||||
# Return values acc. to LSB for all commands but status:
|
|
||||||
# 0 - success
|
|
||||||
# 1 - generic or unspecified error
|
|
||||||
# 2 - invalid or excess argument(s)
|
|
||||||
# 3 - unimplemented feature (e.g. "reload")
|
|
||||||
# 4 - user had insufficient privileges
|
|
||||||
# 5 - program is not installed
|
|
||||||
# 6 - program is not configured
|
|
||||||
# 7 - program is not running
|
|
||||||
# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
|
|
||||||
#
|
|
||||||
# Note that starting an already running service, stopping
|
|
||||||
# or restarting a not-running service as well as the restart
|
|
||||||
# with force-reload (in case signaling is not supported) are
|
|
||||||
# considered a success.
|
|
||||||
|
|
||||||
case "$1" in
|
|
||||||
start)
|
|
||||||
echo -n "Starting auditd "
|
|
||||||
if [ "$AUDITD_DISABLE_CONTEXTS" == "yes" ] ; then
|
|
||||||
EXTRAOPTIONS="$EXTRAOPTIONS -s disable"
|
|
||||||
fi
|
|
||||||
|
|
||||||
## Start daemon with startproc(8). If this fails
|
|
||||||
## the return value is set appropriately by startproc.
|
|
||||||
startproc $AUDITD_BIN $EXTRAOPTIONS
|
|
||||||
test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
|
|
||||||
|
|
||||||
# Remember status and be verbose
|
|
||||||
rc_status -v
|
|
||||||
;;
|
|
||||||
stop)
|
|
||||||
echo -n "Shutting down auditd "
|
|
||||||
## Stop daemon with killproc(8) and if this fails
|
|
||||||
## killproc sets the return value according to LSB.
|
|
||||||
|
|
||||||
killproc -TERM $AUDITD_BIN
|
|
||||||
|
|
||||||
# Remember status and be verbose. Failure of following auditctl -D
|
|
||||||
# shouldn't impact status
|
|
||||||
rc_status -v
|
|
||||||
|
|
||||||
# Remove watches so shutdown works cleanly
|
|
||||||
if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no" ; then
|
|
||||||
/sbin/auditctl -D >/dev/null
|
|
||||||
fi
|
|
||||||
;;
|
|
||||||
try-restart|condrestart)
|
|
||||||
## Do a restart only if the service was active before.
|
|
||||||
## Note: try-restart is now part of LSB (as of 1.9).
|
|
||||||
## RH has a similar command named condrestart.
|
|
||||||
if test "$1" = "condrestart"; then
|
|
||||||
echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
|
|
||||||
fi
|
|
||||||
$0 status
|
|
||||||
if test $? = 0; then
|
|
||||||
$0 restart
|
|
||||||
else
|
|
||||||
rc_reset # Not running is not a failure.
|
|
||||||
fi
|
|
||||||
# Remember status and be quiet
|
|
||||||
rc_status
|
|
||||||
;;
|
|
||||||
restart)
|
|
||||||
## Stop the service and regardless of whether it was
|
|
||||||
## running or not, start it again.
|
|
||||||
$0 stop
|
|
||||||
$0 start
|
|
||||||
|
|
||||||
# Remember status and be quiet
|
|
||||||
rc_status
|
|
||||||
;;
|
|
||||||
force-reload)
|
|
||||||
## Signal the daemon to reload its config. Most daemons
|
|
||||||
## do this on signal 1 (SIGHUP).
|
|
||||||
## If it does not support it, restart.
|
|
||||||
|
|
||||||
echo -n "Reload service AUDITD "
|
|
||||||
## if it supports it:
|
|
||||||
killproc -HUP $AUDITD_BIN
|
|
||||||
#touch /var/run/auditd.pid
|
|
||||||
rc_status -v
|
|
||||||
|
|
||||||
## Otherwise:
|
|
||||||
#$0 try-restart
|
|
||||||
#rc_status
|
|
||||||
;;
|
|
||||||
reload)
|
|
||||||
## Like force-reload, but if daemon does not support
|
|
||||||
## signaling, do nothing (!)
|
|
||||||
|
|
||||||
# If it supports signaling:
|
|
||||||
echo -n "Reload service auditd "
|
|
||||||
killproc -HUP $AUDITD_BIN
|
|
||||||
#touch /var/run/auditd.pid
|
|
||||||
rc_status -v
|
|
||||||
|
|
||||||
## Otherwise if it does not support reload:
|
|
||||||
#rc_failed 3
|
|
||||||
#rc_status -v
|
|
||||||
;;
|
|
||||||
status)
|
|
||||||
echo -n "Checking for service auditd "
|
|
||||||
## Check status with checkproc(8), if process is running
|
|
||||||
## checkproc will return with exit status 0.
|
|
||||||
|
|
||||||
# Return value is slightly different for the status command:
|
|
||||||
# 0 - service up and running
|
|
||||||
# 1 - service dead, but /var/run/ pid file exists
|
|
||||||
# 2 - service dead, but /var/lock/ lock file exists
|
|
||||||
# 3 - service not running (unused)
|
|
||||||
# 4 - service status unknown :-(
|
|
||||||
# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
|
|
||||||
|
|
||||||
# NOTE: checkproc returns LSB compliant status values.
|
|
||||||
checkproc $AUDITD_BIN
|
|
||||||
# NOTE: rc_status knows that we called this init script with
|
|
||||||
# "status" option and adapts its messages accordingly.
|
|
||||||
rc_status -v
|
|
||||||
;;
|
|
||||||
probe)
|
|
||||||
## Optional: Probe for the necessity of a reload, print out the
|
|
||||||
## argument to this init script which is required for a reload.
|
|
||||||
## Note: probe is not (yet) part of LSB (as of 1.9)
|
|
||||||
|
|
||||||
test /etc/audit/auditd.conf -nt /var/run/auditd.pid && echo reload
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
|
|
||||||
exit 1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
rc_exit
|
|
Loading…
Reference in New Issue
Block a user