#!/bin/bash
#
# Startup script for the Audit module and audit daemon
#
# chkconfig: 2345 98 10
# description: SNARE System iNtrusion Analysis and Reporting Environment
# processname: auditd
# config: /etc/audit/audit.conf

# Source function library.
. /etc/rc.d/init.d/functions

# Path to the auditd binary.
auditd=/usr/sbin/auditd
RETVAL=0

start() {
	echo -n $"Installing Audit Module: "
	insmod auditmodule
	echo
	umask 077
        sleep 1
	echo -n $"Starting $auditd: "
	$auditd &
	RETVAL=$?
	echo
	[ $RETVAL = 0 ] && touch /var/lock/subsys/auditd
	return $RETVAL
}
stop() {
	echo -n $"Stopping $auditd: "
	killproc $auditd
	RETVAL=$?
	echo
	[ $RETVAL = 0 ] && rm -f /var/lock/subsys/auditd /var/run/auditd.pid
	sleep 1
	rmmod auditmodule
}

# See how we were called.
case "$1" in
  start)
	start
	;;
  stop)
	stop
	;;
  status)
	status $auditd
	;;
  restart)
	stop
	start
	;;
  *)
	echo $"Usage: audit {start|stop|restart|status}"
	exit 1
esac

exit $RETVAL
