projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4be494b)
package/audit: ensure that it starts after the logging daemon
authorCarlos Santos <casantos@datacom.com.br>
Sat, 3 Nov 2018 16:42:42 +0000 (13:42 -0300)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sat, 3 Nov 2018 21:21:53 +0000 (22:21 +0100)
audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/audit/S01auditd [deleted file] patch | blob | history
package/audit/S02auditd [new file with mode: 0644] patch | blob
package/audit/audit.mk patch | blob | history

diff --git a/package/audit/S01auditd b/package/audit/S01auditd
deleted file mode 100644 (file)
index 2ecf0f1..0000000
--- a/package/audit/S01auditd
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/bin/sh
-#
-# auditd       This starts and stops auditd
-#
-# description: This starts the Linux Auditing System Daemon,
-#              which collects security related events in a dedicated
-#              audit log. If this daemon is turned off, audit events
-#              will be sent to syslog.
-#
-
-NAME=auditd
-DAEMON=/usr/sbin/${NAME}
-CONFIG=/etc/audit/auditd.conf
-PIDFILE=/var/run/${NAME}.pid
-
-start(){
-       printf "Starting ${NAME}: "
-
-       # Create dir to store log files in if one doesn't exist. Create
-       # the directory with SELinux permissions if possible
-       command -v matchpathcon >/dev/null 2>&1
-       if [ $? = 0 ]; then
-               mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit`
-       else
-               mkdir -p /var/log/audit
-       fi
-
-       # Run audit daemon executable
-       start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON}
-
-       if [ $? = 0 ]; then
-               # Load the default rules
-               test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null
-               echo "OK"
-       else
-               echo "FAIL"
-       fi
-}
-
-stop(){
-       printf "Stopping ${NAME}: "
-
-       start-stop-daemon -K -q -p ${PIDFILE}
-       [ $? = 0 ] && echo "OK" || echo "FAIL"
-}
-
-reload(){
-       printf "Reloading ${NAME} configuration: "
-       start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null
-       [ $? = 0 ] && echo "OK" || echo "FAIL"
-}
-
-rotate(){
-       printf "Rotating ${NAME} logs: "
-       start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null
-       [ $? = 0 ] && echo "OK" || echo "FAIL"
-}
-
-case "$1" in
-       start)
-               start
-               ;;
-       stop)
-               stop
-               ;;
-       restart)
-               stop
-               start
-               ;;
-       reload)
-               reload
-               ;;
-       rotate)
-               rotate
-               ;;
-       *)
-               echo "Usage: $0 {start|stop|restart|reload|rotate}"
-               exit 1
-               ;;
-esac
diff --git a/package/audit/S02auditd b/package/audit/S02auditd
new file mode 100644 (file)
index 0000000..2ecf0f1
--- /dev/null
+++ b/package/audit/S02auditd
@@ -0,0 +1,80 @@
+#!/bin/sh
+#
+# auditd       This starts and stops auditd
+#
+# description: This starts the Linux Auditing System Daemon,
+#              which collects security related events in a dedicated
+#              audit log. If this daemon is turned off, audit events
+#              will be sent to syslog.
+#
+
+NAME=auditd
+DAEMON=/usr/sbin/${NAME}
+CONFIG=/etc/audit/auditd.conf
+PIDFILE=/var/run/${NAME}.pid
+
+start(){
+       printf "Starting ${NAME}: "
+
+       # Create dir to store log files in if one doesn't exist. Create
+       # the directory with SELinux permissions if possible
+       command -v matchpathcon >/dev/null 2>&1
+       if [ $? = 0 ]; then
+               mkdir -p /var/log/audit -Z `matchpathcon -n /var/log/audit`
+       else
+               mkdir -p /var/log/audit
+       fi
+
+       # Run audit daemon executable
+       start-stop-daemon -S -q -p ${PIDFILE} --exec ${DAEMON}
+
+       if [ $? = 0 ]; then
+               # Load the default rules
+               test -f /etc/audit/rules.d/audit.rules && /usr/sbin/auditctl -R /etc/audit/rules.d/audit.rules >/dev/null
+               echo "OK"
+       else
+               echo "FAIL"
+       fi
+}
+
+stop(){
+       printf "Stopping ${NAME}: "
+
+       start-stop-daemon -K -q -p ${PIDFILE}
+       [ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+
+reload(){
+       printf "Reloading ${NAME} configuration: "
+       start-stop-daemon --stop -s 1 -p ${PIDFILE} 1>/dev/null
+       [ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+
+rotate(){
+       printf "Rotating ${NAME} logs: "
+       start-stop-daemon --stop -s 10 -p ${PIDFILE} 1>/dev/null
+       [ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+
+case "$1" in
+       start)
+               start
+               ;;
+       stop)
+               stop
+               ;;
+       restart)
+               stop
+               start
+               ;;
+       reload)
+               reload
+               ;;
+       rotate)
+               rotate
+               ;;
+       *)
+               echo "Usage: $0 {start|stop|restart|reload|rotate}"
+               exit 1
+               ;;
+esac
diff --git a/package/audit/audit.mk b/package/audit/audit.mk
index 2f6e6653b3aa4d3d82dc74d28bbd421e45102a74..228ef9998ce51aa95e456da61dbdf471ba816366 100644 (file)
--- a/package/audit/audit.mk
+++ b/package/audit/audit.mk
@@ -38,7 +38,7 @@ AUDIT_CONF_OPTS += --disable-systemd
 endif
 
 define AUDIT_INSTALL_INIT_SYSV
-       $(INSTALL) -D -m 755 package/audit/S01auditd $(TARGET_DIR)/etc/init.d/S01auditd
+       $(INSTALL) -D -m 755 package/audit/S02auditd $(TARGET_DIR)/etc/init.d/S02auditd
 endef
 
 define AUDIT_INSTALL_INIT_SYSTEMD