1*7c478bd9Sstevel@tonic-gate<?xml version="1.0"?> 2*7c478bd9Sstevel@tonic-gate<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> 3*7c478bd9Sstevel@tonic-gate<!-- 4*7c478bd9Sstevel@tonic-gate Copyright 2005 Sun Microsystems, Inc. All rights reserved. 5*7c478bd9Sstevel@tonic-gate Use is subject to license terms. 6*7c478bd9Sstevel@tonic-gate 7*7c478bd9Sstevel@tonic-gate CDDL HEADER START 8*7c478bd9Sstevel@tonic-gate 9*7c478bd9Sstevel@tonic-gate The contents of this file are subject to the terms of the 10*7c478bd9Sstevel@tonic-gate Common Development and Distribution License, Version 1.0 only 11*7c478bd9Sstevel@tonic-gate (the "License"). You may not use this file except in compliance 12*7c478bd9Sstevel@tonic-gate with the License. 13*7c478bd9Sstevel@tonic-gate 14*7c478bd9Sstevel@tonic-gate You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 15*7c478bd9Sstevel@tonic-gate or http://www.opensolaris.org/os/licensing. 16*7c478bd9Sstevel@tonic-gate See the License for the specific language governing permissions 17*7c478bd9Sstevel@tonic-gate and limitations under the License. 18*7c478bd9Sstevel@tonic-gate 19*7c478bd9Sstevel@tonic-gate When distributing Covered Code, include this CDDL HEADER in each 20*7c478bd9Sstevel@tonic-gate file and include the License file at usr/src/OPENSOLARIS.LICENSE. 21*7c478bd9Sstevel@tonic-gate If applicable, add the following below this CDDL HEADER, with the 22*7c478bd9Sstevel@tonic-gate fields enclosed by brackets "[]" replaced with your own identifying 23*7c478bd9Sstevel@tonic-gate information: Portions Copyright [yyyy] [name of copyright owner] 24*7c478bd9Sstevel@tonic-gate 25*7c478bd9Sstevel@tonic-gate CDDL HEADER END 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate ident "%Z%%M% %I% %E% SMI" 28*7c478bd9Sstevel@tonic-gate 29*7c478bd9Sstevel@tonic-gate NOTE: This service manifest is not editable; its contents will 30*7c478bd9Sstevel@tonic-gate be overwritten by package or patch operations, including 31*7c478bd9Sstevel@tonic-gate operating system upgrade. Make customizations in a different 32*7c478bd9Sstevel@tonic-gate file. 33*7c478bd9Sstevel@tonic-gate--> 34*7c478bd9Sstevel@tonic-gate 35*7c478bd9Sstevel@tonic-gate<service_bundle type='manifest' name='SUNWcsr:auditd'> 36*7c478bd9Sstevel@tonic-gate 37*7c478bd9Sstevel@tonic-gate<service 38*7c478bd9Sstevel@tonic-gate name='system/auditd' 39*7c478bd9Sstevel@tonic-gate type='service' 40*7c478bd9Sstevel@tonic-gate version='1'> 41*7c478bd9Sstevel@tonic-gate 42*7c478bd9Sstevel@tonic-gate <single_instance /> 43*7c478bd9Sstevel@tonic-gate 44*7c478bd9Sstevel@tonic-gate <dependency 45*7c478bd9Sstevel@tonic-gate name='usr' 46*7c478bd9Sstevel@tonic-gate type='service' 47*7c478bd9Sstevel@tonic-gate grouping='require_all' 48*7c478bd9Sstevel@tonic-gate restart_on='none'> 49*7c478bd9Sstevel@tonic-gate <service_fmri value='svc:/system/filesystem/local' /> 50*7c478bd9Sstevel@tonic-gate </dependency> 51*7c478bd9Sstevel@tonic-gate 52*7c478bd9Sstevel@tonic-gate <dependency 53*7c478bd9Sstevel@tonic-gate name='ns' 54*7c478bd9Sstevel@tonic-gate type='service' 55*7c478bd9Sstevel@tonic-gate grouping='require_all' 56*7c478bd9Sstevel@tonic-gate restart_on='none'> 57*7c478bd9Sstevel@tonic-gate <service_fmri value='svc:/milestone/name-services' /> 58*7c478bd9Sstevel@tonic-gate </dependency> 59*7c478bd9Sstevel@tonic-gate 60*7c478bd9Sstevel@tonic-gate <dependency 61*7c478bd9Sstevel@tonic-gate name='syslog' 62*7c478bd9Sstevel@tonic-gate type='service' 63*7c478bd9Sstevel@tonic-gate grouping='require_all' 64*7c478bd9Sstevel@tonic-gate restart_on='none'> 65*7c478bd9Sstevel@tonic-gate <service_fmri value='svc:/system/system-log' /> 66*7c478bd9Sstevel@tonic-gate </dependency> 67*7c478bd9Sstevel@tonic-gate 68*7c478bd9Sstevel@tonic-gate <dependent 69*7c478bd9Sstevel@tonic-gate name='auditd_multi-user' 70*7c478bd9Sstevel@tonic-gate grouping='optional_all' 71*7c478bd9Sstevel@tonic-gate restart_on='none'> 72*7c478bd9Sstevel@tonic-gate <service_fmri value='svc:/milestone/multi-user'/> 73*7c478bd9Sstevel@tonic-gate </dependent> 74*7c478bd9Sstevel@tonic-gate 75*7c478bd9Sstevel@tonic-gate <dependent 76*7c478bd9Sstevel@tonic-gate name='console-login' 77*7c478bd9Sstevel@tonic-gate grouping='optional_all' 78*7c478bd9Sstevel@tonic-gate restart_on='none'> 79*7c478bd9Sstevel@tonic-gate <service_fmri value='svc:/system/console-login'/> 80*7c478bd9Sstevel@tonic-gate </dependent> 81*7c478bd9Sstevel@tonic-gate 82*7c478bd9Sstevel@tonic-gate <exec_method 83*7c478bd9Sstevel@tonic-gate type='method' 84*7c478bd9Sstevel@tonic-gate name='start' 85*7c478bd9Sstevel@tonic-gate exec='/lib/svc/method/svc-auditd' 86*7c478bd9Sstevel@tonic-gate timeout_seconds='15'> 87*7c478bd9Sstevel@tonic-gate <method_context> 88*7c478bd9Sstevel@tonic-gate <method_credential user='root' group='root' /> 89*7c478bd9Sstevel@tonic-gate </method_context> 90*7c478bd9Sstevel@tonic-gate </exec_method> 91*7c478bd9Sstevel@tonic-gate 92*7c478bd9Sstevel@tonic-gate <exec_method 93*7c478bd9Sstevel@tonic-gate type='method' 94*7c478bd9Sstevel@tonic-gate name='refresh' 95*7c478bd9Sstevel@tonic-gate exec=':kill -HUP' 96*7c478bd9Sstevel@tonic-gate timeout_seconds='30'> 97*7c478bd9Sstevel@tonic-gate <method_context> 98*7c478bd9Sstevel@tonic-gate <method_credential user='root' group='root' /> 99*7c478bd9Sstevel@tonic-gate </method_context> 100*7c478bd9Sstevel@tonic-gate </exec_method> 101*7c478bd9Sstevel@tonic-gate 102*7c478bd9Sstevel@tonic-gate <!-- 103*7c478bd9Sstevel@tonic-gate auditd waits for c2audit to quiet down after catching a 104*7c478bd9Sstevel@tonic-gate -TERM before exiting; auditd's timeout is 20 seconds 105*7c478bd9Sstevel@tonic-gate --> 106*7c478bd9Sstevel@tonic-gate 107*7c478bd9Sstevel@tonic-gate <exec_method 108*7c478bd9Sstevel@tonic-gate type='method' 109*7c478bd9Sstevel@tonic-gate name='stop' 110*7c478bd9Sstevel@tonic-gate exec=':kill -TERM' 111*7c478bd9Sstevel@tonic-gate timeout_seconds='30'> 112*7c478bd9Sstevel@tonic-gate <method_context> 113*7c478bd9Sstevel@tonic-gate <method_credential user='root' group='root' /> 114*7c478bd9Sstevel@tonic-gate </method_context> 115*7c478bd9Sstevel@tonic-gate </exec_method> 116*7c478bd9Sstevel@tonic-gate 117*7c478bd9Sstevel@tonic-gate <!-- SIGs HUP, TERM, and USR1 are all expected by auditd --> 118*7c478bd9Sstevel@tonic-gate 119*7c478bd9Sstevel@tonic-gate <property_group name='startd' type='framework'> 120*7c478bd9Sstevel@tonic-gate <propval name='ignore_error' type='astring' 121*7c478bd9Sstevel@tonic-gate value='core,signal' /> 122*7c478bd9Sstevel@tonic-gate </property_group> 123*7c478bd9Sstevel@tonic-gate 124*7c478bd9Sstevel@tonic-gate <property_group name='general' type='framework'> 125*7c478bd9Sstevel@tonic-gate <!-- to start stop auditd --> 126*7c478bd9Sstevel@tonic-gate <propval name='action_authorization' type='astring' 127*7c478bd9Sstevel@tonic-gate value='solaris.audit.config' /> 128*7c478bd9Sstevel@tonic-gate </property_group> 129*7c478bd9Sstevel@tonic-gate 130*7c478bd9Sstevel@tonic-gate <instance name='default' enabled='false' /> 131*7c478bd9Sstevel@tonic-gate 132*7c478bd9Sstevel@tonic-gate <stability value='Evolving' /> 133*7c478bd9Sstevel@tonic-gate 134*7c478bd9Sstevel@tonic-gate <template> 135*7c478bd9Sstevel@tonic-gate <common_name> 136*7c478bd9Sstevel@tonic-gate <loctext xml:lang='C'> 137*7c478bd9Sstevel@tonic-gate Solaris audit daemon 138*7c478bd9Sstevel@tonic-gate </loctext> 139*7c478bd9Sstevel@tonic-gate </common_name> 140*7c478bd9Sstevel@tonic-gate <documentation> 141*7c478bd9Sstevel@tonic-gate <manpage title='auditd' 142*7c478bd9Sstevel@tonic-gate section='1M' 143*7c478bd9Sstevel@tonic-gate manpath='/usr/share/man'/> 144*7c478bd9Sstevel@tonic-gate <manpage title='audit' 145*7c478bd9Sstevel@tonic-gate section='1M' 146*7c478bd9Sstevel@tonic-gate manpath='/usr/share/man'/> 147*7c478bd9Sstevel@tonic-gate </documentation> 148*7c478bd9Sstevel@tonic-gate </template> 149*7c478bd9Sstevel@tonic-gate 150*7c478bd9Sstevel@tonic-gate</service> 151*7c478bd9Sstevel@tonic-gate 152*7c478bd9Sstevel@tonic-gate</service_bundle> 153