Initial commit

Signed-off-by: Qin Bo <bqin@linx-info.com>

install_shell/audit_patch.sh

@@ -0,0 +1,34 @@
+#!/bin/sh
+
+. ./check_function.sh
+
+AUDIT_CONFIG=/etc/audit/audit.rules
+
+check_config $AUDIT_CONFIG '^-f'  1 
+if [ $rtn -eq 1 ]; then
+	sed -i '/-f/s@[0-9]@1@' $AUDIT_CONFIG
+elif [ $rtn -eq 2 ]; then
+	line=$(grep -n ^-b  $AUDIT_CONFIG | cut -d: -f1)
+	num=`expr ${line} + 2`
+	sed -i "${num}a\-f 1" /etc/audit/audit.rules
+fi
+DATE=$(date +%Y%m%d)
+sed -i.bak_$DATE '/kill/d'  $AUDIT_CONFIG
+echo "#trace kill">> $AUDIT_CONFIG
+echo "#-a entry,always -F arch=b32 -F a1>0 -S kill">> $AUDIT_CONFIG
+echo "#-a entry,always -F arch=b64 -F a1>0 -S kill">> $AUDIT_CONFIG
+USER_NAME=$1
+USER_HOME=$2
+#if [ -z $1 ];then
+#	UNIT_NAME=guodiao
+#else
+#	UNIT_NAME=$1
+#fi
+# copy new script 
+install -o sys -g sys -m 755 auditd /etc/rc.d/init.d/auditd
+cp auditd.conf  /etc/audit
+cp audit.rules  /etc/audit/audit.rules.${USER_NAME}
+#sed -i "s#fujian#${UNIT_NAME}#g" /etc/audit/audit.rules.${USER_NAME}
+sed -i "s#/home/d5000/fujian#${USER_HOME}#g" /etc/audit/audit.rules.${USER_NAME}
+# restart deamon
+/etc/init.d/auditd restart