Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /etc/rc.d/init.d/ drwxr-xr-x | |
| Viewing file: Select action/file-type: #!/bin/bash
#
# auditd This starts and stops auditd
#
# chkconfig: 2345 11 88
# description: This starts the Linux Auditing System Daemon, \
# which collects security related events in a dedicated \
# audit log. If this daemon is turned off, audit events \
# will be sent to syslog.
#
# processname: /sbin/auditd
# config: /etc/sysconfig/auditd
# config: /etc/audit/auditd.conf
# pidfile: /var/run/auditd.pid
#
# Return values according to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
PATH=/sbin:/bin:/usr/bin:/usr/sbin
prog="auditd"
# Source function library.
. /etc/init.d/functions
# Allow anyone to run status
if [ "$1" = "status" ] ; then
status $prog
RETVAL=$?
exit $RETVAL
fi
# Check that we are root ... so non-root users stop here
test $EUID = 0 || exit 4
# Check config
test -f /etc/sysconfig/auditd && . /etc/sysconfig/auditd
RETVAL=0
start(){
test -x /sbin/auditd || exit 5
test -f /etc/audit/auditd.conf || exit 6
echo -n $"Starting $prog: "
# Localization for auditd is controlled in /etc/synconfig/auditd
if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then
unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
else
LANG="$AUDITD_LANG"
LC_TIME="$AUDITD_LANG"
LC_ALL="$AUDITD_LANG"
LC_MESSAGES="$AUDITD_LANG"
LC_NUMERIC="$AUDITD_LANG"
LC_MONETARY="$AUDITD_LANG"
LC_COLLATE="$AUDITD_LANG"
export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE
fi
unset HOME MAIL USER USERNAME
daemon $prog "$EXTRAOPTIONS"
RETVAL=$?
echo
if test $RETVAL = 0 ; then
touch /var/lock/subsys/auditd
# Load the default rules
test -f /etc/audit/audit.rules && /sbin/auditctl -R /etc/audit/audit.rules >/dev/null
fi
return $RETVAL
}
stop(){
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
rm -f /var/lock/subsys/auditd
# Remove watches so shutdown works cleanly
if test x"$AUDITD_CLEAN_STOP" != "x" ; then
if test "`echo $AUDITD_CLEAN_STOP | tr 'NO' 'no'`" != "no"
then
/sbin/auditctl -D >/dev/null
fi
fi
if test x"$AUDITD_STOP_DISABLE" != "x" ; then
if test "`echo $AUDITD_STOP_DISABLE | tr 'NO' 'no'`" != "no"
then
/sbin/auditctl -e 0 >/dev/null
fi
fi
return $RETVAL
}
reload(){
test -f /etc/audit/auditd.conf || exit 6
echo -n $"Reloading configuration: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
rotate(){
echo -n $"Rotating logs: "
killproc $prog -USR1
RETVAL=$?
echo
return $RETVAL
}
resume(){
echo -n $"Resuming logging: "
killproc $prog -USR2
RETVAL=$?
echo
return $RETVAL
}
restart(){
test -f /etc/audit/auditd.conf || exit 6
stop
start
}
condrestart(){
[ -e /var/lock/subsys/auditd ] && restart
return 0
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
rotate)
rotate
;;
resume)
resume
;;
condrestart)
condrestart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|reload|rotate|resume}"
RETVAL=3
esac
exit $RETVAL
|
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]-- |