cvs commit: src/etc/rc.d auditd
Robert Watson
rwatson at FreeBSD.org
Wed Dec 6 15:32:39 PST 2006
On Wed, 6 Dec 2006, Doug Barton wrote:
>> Sleep for one second after calling audit -t to give the audit daemon a
>> chance to actually terminate the audit service and exit. Otherwise, on
>> an rc.d/auditd restart, the new audit daemon instance may try to start
>> auditing while the previous session is still running. Likewise, this
>> ensures a chance for auditd to terminate the audit trail at system
>> shutdown.
>>
>> Perhaps more ideally, the script would wait synchronously for auditd to
>> exit rather than for an arbitrary but short period of time.
>
> Perhaps a better change would be:
>
> /usr/sbin/audit -t while : ; do).
> if <something that indicates audit is not dead yet>; then
> echo 'Waiting for the audit system to terminate'
> sleep 1
> else
> break
> fi
> done
Is there a built-in mechanism in rc.d to wait for a process to exit? We'd
like to wait for auditd to exit, specifically, as a sign that auditing really
is terminated. For a variety of reasons, it's complicated to modify the
"audit -t" notification mechanism to wait synchronously for audit to
terminate. I have loose plans to work on it, but it will probably be a couple
of months before that happens (6.3, definitely not 6.2
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the cvs-src
mailing list