1#!/bin/sh 2# 3# 4# Start up for the Audit daemon. 5# 6 7# PROVIDE: auditd 8# REQUIRE: syslogd 9# BEFORE: DAEMON 10# KEYWORD: nojail shutdown 11 12. /etc/rc.subr 13 14name="auditd" 15desc="Audit daemon" 16stop_cmd="auditd_stop" 17command="/usr/sbin/${name}" 18pidfile="/var/run/${name}.pid" 19rcvar="auditd_enable" 20command_args="${auditd_flags}" 21required_files="/etc/security/audit_class /etc/security/audit_control 22 /etc/security/audit_event /etc/security/audit_user 23 /etc/security/audit_warn" 24 25auditd_stop() 26{ 27 28 /usr/sbin/audit -t 29 if [ -n "$rc_pid" ]; then 30 wait_for_pids $rc_pid 31 fi 32} 33 34load_rc_config $name 35 36# doesn't make sense to run in a svcj: nojail keyword 37auditd_svcj="NO" 38 39run_rc_command "$1" 40