#! /bin/sh
# Copyright (c) 2003 SuSE Linux AG, Nuernberg, Germany.
#
# Author: Olaf Kirch <okir@suse.de>
#  migration to RHEL 3 by Mark Dewandel
#  RHEL 3 maintenance: Charlie Bennett ccb@redhat.com
#
# /etc/init.d/audit
# chkconfig: 235 20 95
# description: Start Linux Audit Subsystem (LAuS)
#

test -s /etc/sysconfig/audit && {
    . /etc/sysconfig/audit
}

initdir=/etc/init.d

. $initdir/functions


AUDITD_BIN=/sbin/auditd

test -x $AUDITD_BIN || exit 5
prog=`basename $AUDITD_BIN`
_LOCKDIR=/var/lock/subsys

# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
# 
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.

AuditSetup() {

    /sbin/modprobe audit > /dev/null 2>&1
    RETVAL=$?
    if [ $RETVAL -ne 0 ]; then
	    # kernel support not available
	echo -n " (kernel audit support unavailable)"
	failure "$prog startup"
	echo
	exit $RETVAL
    fi
    sleep 1 # let the device initialize a little
}

case "$1" in
    start)
	echo -n "Starting audit subsystem"
	AuditSetup
	daemon $AUDITD_BIN
	RETVAL=$?
	if [ $RETVAL = 0 ]; then
	    > $_LOCKDIR/audit
	    success "$prog startup"
	else
	    failure "$prog startup"
	fi
	echo
	exit $RETVAL
	;;

    stop)
	echo -n "Shutting down audit subsystem"
	
	killproc $AUDITD_BIN -TERM
	RETVAL=$?
	if [ $RETVAL = 0 ]; then
	    rm -f $_LOCKDIR/audit
	fi
	echo
	exit $RETVAL
	;;
    
    condrestart)
	## Stop the service and if this succeeds (i.e. the 
	## service was running before), start it again.
	## Note: try-restart is not (yet) part of LSB (as of 0.7.5)
	if [ -f $_LOCKDIR/audit ];then
	    $0 restart
	fi
	;;

    restart)
	## If first returns OK call the second, if first or
	## second command fails, set echo return value.
	$0 stop  &&  $0 start
	;;

    reload|force-reload)
        echo -n "Reload audit configuration"

	$AUDITD_BIN -r
	RETVAL=$?
	if [ $RETVAL = 0 ];then
	    success "$prog configuration reload"
	else
	    failure "$prog configuration reload"
	fi
	echo
	exit $RETVAL
	;;
    status)
        status $AUDITD_BIN
	;;
    *)
	echo "Usage: $0 {start|stop|condrestart|restart|force-reload|reload}"
	exit 1
esac

# return exit value from case
exit

