setroubleshoot/setroubleshoot.init

148 lines
3.4 KiB
Plaintext
Raw Normal View History

#!/bin/bash
#
# setroubleshoot This starts and stops setroubleshoot daemon
#
# chkconfig: 345 13 87
# description: This starts the SELinux Troubleshooting Daemon
#
# processname: /usr/sbin/setroubleshootd
# config: /etc/setroubleshoot/setroubleshoot.cfg
# pidfile: /var/run/setroubleshoot.pid
#
2007-09-08 19:51:52 +00:00
### BEGIN INIT INFO
# Provides: lsb-setroubleshootd
# Required-Start: $local_fs $syslog $network $named
# Required-Stop: $local_fs $syslog $network $named
# Default-Start: 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop SELinux Troubleshooting Daemon
# Description: controls operation of the SELinux Troubleshooting Daemon
# (setroubleshootd) which listens for SELinux AVC denial messages
# analyzes it and provides a friendly interpretation.
### END INIT INFO
# Return values according to LSB for all commands but status:
2007-09-08 19:51:52 +00:00
# 0 success
# 1 generic or unspecified error (current practice)
# 2 invalid or excess argument(s)
# 3 unimplemented feature (for example, "reload")
# 4 user had insufficient privilege
# 5 program is not installed
# 6 program is not configured
# 7 program is not running
# Command argument
# start start the service
# stop stop the service
# restart stop and restart the service if the service is already running, otherwise start the service
# try-restart restart the service if the service is already running
# reload cause the configuration of the service to be reloaded without actually stopping and restarting the service
# force-reload cause the configuration to be reloaded if the service supports this, otherwise restart the service if it is running
# status print the current status of the service
# start, stop, restart, force-reload, and status actions must be supported
# reload and the try-restart actions are optional.
# the init script.
PATH=/sbin:/bin:/usr/bin:/usr/sbin
# Source function library.
. /etc/init.d/functions
# Silently exit is SELinux is not enabled
[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 1
# Check that we are root ... so non-root users stop here
test `id -u` = 0 || exit 4
RETVAL=0
prog="setroubleshootd"
start(){
echo -n $"Starting $prog: "
unset HOME MAIL USER USERNAME
daemon $prog "$EXTRAOPTIONS"
RETVAL=$?
echo
if test $RETVAL = 0 ; then
touch /var/lock/subsys/$prog
fi
2007-09-24 20:58:48 +00:00
if test $RETVAL = 3 ; then
echo -n $"Cannot start $prog: SELinux not enabled"
fi
return $RETVAL
}
stop(){
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
rm -f /var/lock/subsys/$prog
return $RETVAL
}
reload(){
echo -n $"Reloading configuration: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
restart(){
stop
start
}
condrestart(){
[ -e /var/lock/subsys/$prog ] && restart
return 0
}
cleardb(){
running=0
[ -e /var/lock/subsys/$prog ] && running=1
[ $running == 1 ] && stop
echo $"Clearing database"
rm -f /var/lib/setroubleshoot/database.xml
rm -f /var/lib/setroubleshoot/audit_listener_database.xml
[ $running == 1 ] && start
return 0
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $prog
;;
restart)
restart
;;
2007-09-08 19:51:52 +00:00
force-reload|reload)
reload
;;
2007-09-08 19:51:52 +00:00
try-restart|condrestart)
condrestart
;;
cleardb)
cleardb
;;
*)
2007-09-08 19:51:52 +00:00
echo $"Usage: $0 {start|stop|status|restart|try-restart|condrestart|reload|force-reload|cleardb}"
RETVAL=3
esac
exit $RETVAL