svc-auditd revision 7c478bd95313f5f23a4c958a745db2134aa03244
#! /sbin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License"). You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2005 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "%Z%%M% %I% %E% SMI"
# if the audit state is "disabled" auditconfig returns
# non-zero exit status unless the c2audit module is loaded;
# if c2audit is loaded, "disabled" becomes "noaudit" early
# in the boot cycle and "auditing" only after auditd starts.
. /lib/svc/share/smf_include.sh
AUDITCONFIG=/usr/sbin/auditconfig
ZONE=`/sbin/zonename`
AUDITCOND=`$AUDITCONFIG -getcond 2> /dev/null`
if [ $? -ne 0 ]; then
# The decision whether to start
# auditing is driven by bsmconv / bsmunconv
/usr/sbin/svcadm mark maintenance system/auditd
exit $SMF_EXIT_MON_OFFLINE;
fi
# In a non-global zone, auditd is started only if the "perzone"
# audit policy has been set.
if [ "$ZONE" != "global" ]; then
echo `$AUDITCONFIG -getpolicy` | grep perzone > /dev/null
if [ $? -eq 1 ]; then
echo "$0: auditd is not configured to run in a local zone"
exit $SMF_EXIT_ERR_CONFIG;
fi
fi
/etc/security/audit_startup
# daemon forks, parent exits when child says it's ready
exec /usr/sbin/auditd