diff options
| author |   John P. Davis <zhen@gentoo.org> | 2003-06-08 19:21:14 +0000 |
|---|---|---|
| committer | John P. Davis <zhen@gentoo.org> | 2003-06-08 19:21:14 +0000 |
| commit | 19a6be081789c79230a6efc0f61b554b65ef56b8 (patch) | |
| tree | f0ba6f466306a157339afdf3c7c99998b695cd98 /sys-apps/sal-client | |
| parent | fix silly typo (diff) | |
| download | gentoo-2-19a6be081789c79230a6efc0f61b554b65ef56b8.tar.gz gentoo-2-19a6be081789c79230a6efc0f61b554b65ef56b8.tar.bz2 gentoo-2-19a6be081789c79230a6efc0f61b554b65ef56b8.zip | |
created the rc script, cleaned up the auditd.conf (/etc/conf.d) and put some warnings in the ebuilds
Diffstat (limited to 'sys-apps/sal-client')
| -rw-r--r-- | sys-apps/sal-client/Manifest | 8 | ||||
| -rw-r--r-- | sys-apps/sal-client/files/auditd.confd | 7 | ||||
| -rw-r--r-- | sys-apps/sal-client/files/sal-client-init | 40 | ||||
| -rw-r--r-- | sys-apps/sal-client/sal-client-1.0_rc3.ebuild | 27 |
4 files changed, 58 insertions, 24 deletions
diff --git a/sys-apps/sal-client/Manifest b/sys-apps/sal-client/Manifest index 043eb28bf864..58cc3f64a125 100644 --- a/sys-apps/sal-client/Manifest +++ b/sys-apps/sal-client/Manifest @@ -1,5 +1,5 @@ -MD5 c2ceb7ba78ce1d27ee00256b05a72e7e sal-client-1.0_rc3.ebuild 1152 -MD5 015a993293ffd26cd718948b0c83fc7a ChangeLog 419 +MD5 a36d0749887523573976f357dfc02e49 sal-client-1.0_rc3.ebuild 1936 +MD5 34c5efd0bb2ff3367a86b24b91556720 ChangeLog 573 MD5 5aa22bbbe3279a7d60625851d5e92f4a files/digest-sal-client-1.0_rc3 69 -MD5 8669d0f34fb31503b58997c7fbffedf4 files/auditd.confd 268 -MD5 7685400c877def74069163dc15dcbaf3 files/sal-client-init 779 +MD5 addafa7dedf783750bfdd94b7bb3c07e files/auditd.confd 439 +MD5 2fd8c6d4639c639d6c75bb42ce160296 files/sal-client-init 709 diff --git a/sys-apps/sal-client/files/auditd.confd b/sys-apps/sal-client/files/auditd.confd index 9ee6d6ac3018..0e8054effaf2 100644 --- a/sys-apps/sal-client/files/auditd.confd +++ b/sys-apps/sal-client/files/auditd.confd @@ -1,7 +1,12 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/sal-client/files/auditd.confd,v 1.1 2003/06/08 18:06:20 zhen Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sal-client/files/auditd.confd,v 1.2 2003/06/08 19:21:03 zhen Exp $ +# DO NOT CHANGE THIS UNLESS YOU KNOW WHAT YOU ARE DOING!! +# Temporary log storage directory TMP_DIR="/var/lib/auditd" + +#Base file name for temporary logfiles FILE="audit" +AUDITD_OPTS=" -d $TMP_DIR -b $FILE -r" diff --git a/sys-apps/sal-client/files/sal-client-init b/sys-apps/sal-client/files/sal-client-init index e0975b1dd8b9..e58131fe4eeb 100644 --- a/sys-apps/sal-client/files/sal-client-init +++ b/sys-apps/sal-client/files/sal-client-init @@ -1,24 +1,30 @@ +#! /sbin/runscript # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/sal-client/files/sal-client-init,v 1.1 2003/06/08 18:06:20 zhen Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sal-client/files/sal-client-init,v 1.2 2003/06/08 19:21:03 zhen Exp $ -TMP_DIR="tmp" -FILE="audit" +# NB: Config is in /etc/conf.d/auditd -# forcibly delete the temporary directory if needed -if [ -e $TMP_DIR ] -then - rm -rf $TMP_DIR -fi +depend() { + use net +} -# the below assumes that the certificate authority directory is /CA +start() { + ebegin "Starting auditd" + + # forcibly delete the temporary files if needed + if [ -e $TMP_DIR ]; then + rm -rf $TMP_DIR/* + fi -# the audit daemon run as a background process -# automatically creates the temporary directory if needed -./daemon/auditd -d $TMP_DIR -b $FILE -r & - -# the audit client run as a foreground process -# sends the audit data to the terminal (stdout) -# to send audit data to a server replace -v with -a x.x.x.x -./client/auditclient -e -d $TMP_DIR -b $FILE -v + start-stop-daemon --start --quiet --exec /usr/sbin/auditd -- ${AUDITD_OPTS} & + /bin/pidof auditd > /var/run/auditd.pid + eend $? "Failed to start auditd" + +} +stop() { + ebegin "Stopping auditd" + /bin/killall -s9 auditd + eend $? "Failed to stop auditd" +} diff --git a/sys-apps/sal-client/sal-client-1.0_rc3.ebuild b/sys-apps/sal-client/sal-client-1.0_rc3.ebuild index c36378db80da..82a681c1e95e 100644 --- a/sys-apps/sal-client/sal-client-1.0_rc3.ebuild +++ b/sys-apps/sal-client/sal-client-1.0_rc3.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2003 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/sal-client/sal-client-1.0_rc3.ebuild,v 1.1 2003/06/08 18:06:20 zhen Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/sal-client/sal-client-1.0_rc3.ebuild,v 1.2 2003/06/08 19:21:03 zhen Exp $ MY_P=${P/_/-} @@ -11,7 +11,7 @@ SRC_URI="http://belnet.dl.sourceforge.net/sourceforge/secureaudit/${MY_P/rc3/RC3 LICENSE="GPL-2" SLOT="0" -KEYWORDS="-x86" +KEYWORDS="~x86" IUSE="" DEPEND="virtual/glibc \ @@ -43,3 +43,26 @@ src_install() { dodoc ${S}/patches/README.todo.patches } + +pkg_postinst() { + echo + einfo "To create the necessary secure directory to hold your buffered logs," + einfo "please remember to configure using the following line:" + echo + einfo "ebuild /var/db/pkg/${CATEGORY}/${PF}/${PF}.ebuild config" + echo + ewarn "Please note that using the above method is NOT secure. You will need to explore" + ewarn "either a crypto loopback filesystem, or other means of creating a secure jail" + ewarn "for these temporary log files. We assume no responsibility for security breaches" + ewarn "if you just use the above configure script." + +} + +pkg_config() { + einfo "Creating default temporary log directory in ${ROOT}/var/lib/auditd" + /bin/mkdir ${ROOT}/var/lib/auditd + /bin/chown root:root ${ROOT}/var/lib/auditd + /bin/chmod 0600 ${ROOT}/var/lib/auditd +} + + |