Cross Reference: /illumos-gate/usr/src/cmd/auditd/svc-auditd

	svc-auditd revision 7c478bd95313f5f23a4c958a745db2134aa03244
6ee667aeeb284b652e256ad1d792b0fb6c28fabaLennart Poettering#! /sbin/sh
643a14a5271ed19ec30a9882d4b9e9ae1c357fb1Lennart Poettering#
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# CDDL HEADER START
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering#
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers# The contents of this file are subject to the terms of the
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers# Common Development and Distribution License, Version 1.0 only
91e8651b6e3acf77c0fc51febe70b94afcd81b7dZbigniew Jędrzejewski-Szmek# (the "License").  You may not use this file except in compliance
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# with the License.
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering#
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering# or http://www.opensolaris.org/os/licensing.
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# See the License for the specific language governing permissions
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# and limitations under the License.
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering#
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# When distributing Covered Code, include this CDDL HEADER in each
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering# If applicable, add the following below this CDDL HEADER, with the
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# fields enclosed by brackets "[]" replaced with your own identifying
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering# information: Portions Copyright [yyyy] [name of copyright owner]
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering#
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# CDDL HEADER END
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers#
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers#
b5a223bfcf2ebcf374973b29870a5e80fb42b8beZbigniew Jędrzejewski-Szmek# Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering# Use is subject to license terms.
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers#
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers# ident "%Z%%M% %I% %E% SMI"
96bd03d5b8d5d04fc8037c03a43bb5b148cc1e29Zbigniew Jędrzejewski-Szmek
96bd03d5b8d5d04fc8037c03a43bb5b148cc1e29Zbigniew Jędrzejewski-Szmek# if the audit state is "disabled" auditconfig returns
96bd03d5b8d5d04fc8037c03a43bb5b148cc1e29Zbigniew Jędrzejewski-Szmek# non-zero exit status unless the c2audit module is loaded;
652e737517bbbae692923246aeb687e2d1f314efZbigniew Jędrzejewski-Szmek# if c2audit is loaded, "disabled" becomes "noaudit" early
652e737517bbbae692923246aeb687e2d1f314efZbigniew Jędrzejewski-Szmek# in the boot cycle and "auditing" only after auditd starts.
652e737517bbbae692923246aeb687e2d1f314efZbigniew Jędrzejewski-Szmek
c2654883624885696edccd2a202873998ec208f1Holger Hans Peter Freyther. /lib/svc/share/smf_include.sh
e7c431d3bcfdeeec5dcae0707145edb9a3f749aaHolger Hans Peter Freyther
c2654883624885696edccd2a202873998ec208f1Holger Hans Peter FreytherAUDITCONFIG=/usr/sbin/auditconfig
946f1825751919a176cd0039002a514de0c9c70fHannes ReineckeZONE=`/sbin/zonename`
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering
946f1825751919a176cd0039002a514de0c9c70fHannes ReineckeAUDITCOND=`$AUDITCONFIG -getcond 2> /dev/null`
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sieversif [ $? -ne 0 ]; then
71c474864cef9be433adb2adba2085786cda829aLennart Poettering    # The decision whether to start
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers    # auditing is driven by bsmconv / bsmunconv
1c7dde3e475978c569a982d65fd86d4b4e3caad8Bastien Nocera    /usr/sbin/svcadm mark maintenance system/auditd
c01995635d14840074c2ff17a153b76edd0bf1b9Lennart Poettering    exit $SMF_EXIT_MON_OFFLINE;
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poetteringfi
c01995635d14840074c2ff17a153b76edd0bf1b9Lennart Poettering
74b91131ed09850ed487a2f7849147ff6f80194dLennart Poettering# In a non-global zone, auditd is started only if the "perzone"
114a50f898a89bd7784c215ac5df95ec8c45a905Lennart Poettering# audit policy has been set.
ef3b5246879094e29cc99c4d24cbfeb19b7da49bLennart Poetteringif [ "$ZONE" != "global" ]; then
114a50f898a89bd7784c215ac5df95ec8c45a905Lennart Poettering    echo `$AUDITCONFIG -getpolicy` | grep perzone > /dev/null
114a50f898a89bd7784c215ac5df95ec8c45a905Lennart Poettering
4b2d99d9f4258a29f0bf8b1a78d17836e75bc378Lennart Poettering    if [ $? -eq 1 ]; then
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering        echo "$0:  auditd is not configured to run in a local zone"
4b2d99d9f4258a29f0bf8b1a78d17836e75bc378Lennart Poettering        exit $SMF_EXIT_ERR_CONFIG;
4b2d99d9f4258a29f0bf8b1a78d17836e75bc378Lennart Poettering    fi
c01995635d14840074c2ff17a153b76edd0bf1b9Lennart Poetteringfi
251cc8194228ac86c9a7a4c75a54a94cea2095c7Lennart Poettering
c01995635d14840074c2ff17a153b76edd0bf1b9Lennart Poettering/etc/security/audit_startup
4b2d99d9f4258a29f0bf8b1a78d17836e75bc378Lennart Poettering# daemon forks, parent exits when child says it's ready
8c4a3079a7f358c179430d1aec59de8b670b5f6eLennart Poetteringexec /usr/sbin/auditd
d122948d6fbaac4505cf14a08f1237daa89efdd0Lennart Poettering
d122948d6fbaac4505cf14a08f1237daa89efdd0Lennart Poettering