#! /bin/sh # # CDDL HEADER START # # The contents of this file are subject to the terms of the # Common Development and Distribution License (the "License"). # You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. # See the License for the specific language governing permissions # and limitations under the License. # # When distributing Covered Code, include this CDDL HEADER in each # file and include the License file at usr/src/OPENSOLARIS.LICENSE. # If applicable, add the following below this CDDL HEADER, with the # fields enclosed by brackets "[]" replaced with your own identifying # information: Portions Copyright [yyyy] [name of copyright owner] # # CDDL HEADER END # # # Copyright 2010 Sun Microsystems, Inc. All rights reserved. # Use is subject to license terms. # # This shell script warns the administrator when there are problems or # potential problems with the audit daemon. The default script sends # a message to the machine console in the case where there # is no audit space available. It has comments in a few places where # additional actions might be appropriate (eg. clearing some space). # #--------------------------------------------------------------------------- # send mail and generate syslog output # # $MESSAGE and $SUBJECT are set by the caller # # edit this function to omit syslog or mail output. #--------------------------------------------------------------------------- send_msg() { MAILER=/usr/bin/mailx SED=/usr/bin/sed LOGCMD="$LOGGER -p daemon.alert" ADDRESS=audit_warn # standard alias for audit alerts # turn off redirect to /dev/null to see sendmail output /usr/lib/sendmail -bv $ADDRESS > /dev/null if [ $? -ne 0 ] then $LOGCMD "The $ADDRESS mail alias is not defined" ADDRESS=root fi if [ -z "$COUNT" -o "0$COUNT" -eq 1 ] then echo "$0: $MESSAGE" | $MAILER -s "$SUBJECT" $ADDRESS fi STRIPPEDMSG=`echo "$MESSAGE" | $SED -e "s/\n/ /g"` $LOGCMD $STRIPPEDMSG } # If you change this script, script debug should first be done via the # command line, so input errors are output via "echo," but syslog # debug messages are better for testing from auditd since the echo # output would be lost. For testing with auditd, replace # 'DEBUG_OUT="echo"' with 'DEBUG_OUT="$LOGGER -p daemon.debug"' LOGGER="/usr/bin/logger" DEBUG_OUT="echo" # Check usage if [ "$#" -lt "1" -o "$#" -gt "5" ] then $DEBUG_OUT "Usage: $0