mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 18:08:53 +00:00
134 lines
3.2 KiB
Bash
Executable File
134 lines
3.2 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# osqueryd Start/Stop the osquery daemon.
|
|
#
|
|
# chkconfig: 345 90 60
|
|
# Description:
|
|
# With osquery, you can use SQL to query low-level
|
|
# operating system information. Under the hood, instead
|
|
# of querying static tables, these queries dynamically execute
|
|
# high-performance native code. The results of the
|
|
# SQL query are transparently returned to you quickly and easily
|
|
#
|
|
### BEGIN INIT INFO
|
|
# Provides: osquery osqueryd
|
|
# Required-Start: $local_fs $syslog
|
|
# Required-Stop: $local_fs $syslog
|
|
# Default-Start: 345
|
|
# Default-Stop: 90
|
|
# Short-Description: run osqueryd daemon
|
|
# Description:
|
|
# With osquery, you can use SQL to query low-level
|
|
# operating system information. Under the hood, instead
|
|
# of querying static tables, these queries dynamically execute
|
|
# high-performance native code. The results of the
|
|
# SQL query are transparently returned to you quickly and easily
|
|
#
|
|
#
|
|
### END INIT INFO
|
|
|
|
if [ -z $RETVAL ]; then RETVAL=0; fi
|
|
if [ -z $PROG ]; then PROG="osqueryd"; fi
|
|
if [ -z $EXEC ]; then EXEC=/usr/bin/osqueryd; fi
|
|
if [ -z $FLAGS_PATH ]; then FLAGS_PATH=/etc/osquery/osquery.flags; fi
|
|
if [ -z $REAL_CONFIG_PATH ]; then REAL_CONFIG_PATH=/etc/osquery/osquery.conf; fi
|
|
if [ -z $LOCKFILE ]; then LOCKFILE=/var/lock/osqueryd; fi
|
|
if [ -z $PIDFILE ]; then PIDFILE=/var/run/osqueryd.pid; fi
|
|
if [ -z $UID ]; then UID=$(id -u); fi
|
|
|
|
if [ $UID -eq 0 ] && [ -e /etc/sysconfig/$PROG ]; then
|
|
. /etc/sysconfig/$PROG
|
|
fi
|
|
|
|
if [ -e /etc/init.d/functions ]; then
|
|
. /etc/init.d/functions
|
|
fi
|
|
|
|
if [ ! -e $FLAGS_PATH ] && [ ! -e $REAL_CONFIG_PATH ]; then
|
|
echo "No config file found at $REAL_CONFIG_PATH"
|
|
echo "Additionally, no flags file or config override found at $FLAGS_PATH"
|
|
echo "See '/usr/share/osquery/osquery.example.conf' for an example config."
|
|
RETVAL=1
|
|
fi
|
|
|
|
ensure_root() {
|
|
if [ $UID -ne 0 ] ; then
|
|
echo "User has insufficient privilege."
|
|
RETVAL=1
|
|
fi
|
|
}
|
|
|
|
start() {
|
|
ensure_root
|
|
|
|
ARGS=""
|
|
if [ -f $PIDFILE ]; then
|
|
PID=$(cat $PIDFILE)
|
|
PROCNAME=$(ps -p $PID -o comm\=)
|
|
if [ "$PROCNAME" = "$PROG" ]; then
|
|
return 0
|
|
else
|
|
# osqueryd pidfile exists but it's not running
|
|
rm $PIDFILE
|
|
fi
|
|
fi
|
|
|
|
if [ -e $FLAGS_PATH ]; then ARGS="$ARGS --flagfile=$FLAGS_PATH"; fi
|
|
if [ -e $REAL_CONFIG_PATH ]; then ARGS="$ARGS --config_path=$REAL_CONFIG_PATH"; fi
|
|
|
|
$PROG $ARGS \
|
|
--pidfile=$PIDFILE \
|
|
--daemonize=true
|
|
RETVAL=$?
|
|
}
|
|
|
|
stop() {
|
|
ensure_root
|
|
|
|
if [ ! -f $PIDFILE ] ; then
|
|
RETVAL=0
|
|
else
|
|
PID=$(cat $PIDFILE)
|
|
pkill -P $PID && kill -9 $PID
|
|
rm -f $PIDFILE
|
|
fi
|
|
}
|
|
|
|
restart() {
|
|
stop
|
|
start
|
|
}
|
|
|
|
status() {
|
|
if [ ! -f $PIDFILE ] ; then
|
|
echo "$PROG is not running. no pidfile found."
|
|
RETVAL=7
|
|
else
|
|
PID=$(cat $PIDFILE)
|
|
PROCNAME=$(ps -p $PID -o comm\=)
|
|
if [ "$PROCNAME" = "$PROG" ]; then
|
|
echo "$PROG is already running: $PID"
|
|
RETVAL=0
|
|
else
|
|
# osqueryd pidfile exists but it's not running
|
|
echo "$PROG is not running but a stale pidfile was found."
|
|
RETVAL=7
|
|
fi
|
|
fi
|
|
}
|
|
|
|
usage() {
|
|
echo "Usage: $0 {start|stop|status|restart}"
|
|
RETVAL=2
|
|
}
|
|
|
|
case "$1" in
|
|
start) start ;;
|
|
stop) stop ;;
|
|
restart) restart ;;
|
|
status) status ;;
|
|
*) usage ;;
|
|
esac
|
|
|
|
exit ${RETVAL}
|