blob: 149588be4563189b10f43ecbaaa54b992100bd05 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
#!/bin/sh
# $FreeBSD$
# PROVIDE: auditbeat
# REQUIRE: DAEMON
# BEFORE: LOGIN
# KEYWORD: shutdown
# Add the following lines to /etc/rc.conf to enable auditbeat:
#
# auditbeat_enable (bool): Set to YES to enable auditbeat
# Default: NO
# auditbeat_flags (str): Extra flags passed to auditbeat
# auditbeat_config (str): auditbeat configuration directory
# Default: ${PREFIX}/etc/beats
# auditbeat_conffile (str): auditbeat configuration file
# relative to ${auditbeat_conf}
# Default: auditbeat.yml
. /etc/rc.subr
name="auditbeat"
rcvar=${name}_enable
load_rc_config $name
: ${auditbeat_enable:="NO"}
: ${auditbeat_config:="%%ETCDIR%%"}
: ${auditbeat_conffile:="auditbeat.yml"}
: ${auditbeat_home:="%%DATADIR%%/auditbeat"}
: ${auditbeat_logs:="/var/log/beats"}
: ${auditbeat_data:="/var/db/beats/auditbeat"}
# daemon
start_precmd=auditbeat_prestart
command=/usr/sbin/daemon
pidfile="/var/run/${name}"
command_args="-frP ${pidfile} %%PREFIX%%/sbin/${name} ${auditbeat_flags} --path.config ${auditbeat_config} --path.home ${auditbeat_home} --path.data ${auditbeat_data} --path.logs ${auditbeat_logs} -c ${auditbeat_conffile}"
auditbeat_prestart() {
# Have to empty rc_flags so they don't get passed to daemon(8)
rc_flags=""
}
# auditbeat will refuse to quit if linprocfs is mounted, and sadly requires -9
[ -f /compat/linux/proc/cpuinfo ] && stop_cmd=auditbeat_stop
auditbeat_stop() {
pkill -9 -F ${pidfile} > /dev/null 2>&1
pkill -9 -F ${pidfile}.child > /dev/null 2>&1
}
run_rc_command "$1"
|
