I get the following (truncated) output from --status-all
$ service --status-all
[..]
[ - ] ossec
[ - ] ossec-hids-authd
[..]
But I can't access it through service:
$ service status ossec-hids-authd
status: unrecognized service
My init.d script looks like this:
#!/bin/sh -e
#### BEGIN INIT INFO
# Provides: ossec-authd
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Authentication Daemon for OSSEC-HIDS.
# Description: Provides key signing for OSSEC Clients
### END INIT INFO
NAME=ossec-authd
DAEMON=/var/ossec/bin/ossec-authd
DAEMON_ARGS="-p 1515 2>&1 >> /var/ossec/logs/ossec-authd.log &"
PIDFILE=/var/run/ossec-authd.pid
test -x ${DAEMON} || exit 5
case $1 in
start)
if [ -e $PIDFILE ]; then
status_of_proc -p $PIDFILE $DAEMON "$NAME process" && status="0" || status="$?"
if [ $status = "0" ]; then
exit
fi
fi
log_daemon_msg "Starting the process" "$NAME"
if start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_ARGS; then
log_end_msg 0
else
log_end_msg 1
fi
;;
stop)
if [ -e $PIDFILE ]; then
status_of_proc -p $PIDFILE $DAEMON "Stoppping the $NAME process" && status="0" || status="$?"
if [ "$status" = 0 ]; then
start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE
/bin/rm -rf $PIDFILE
fi
else
log_daemon_msg "$NAME process is not running"
log_end_msg 0
fi
;;
restart)
$0 stop && sleep 2 && $0 start
;;
status)
if [ -e $PIDFILE ]; then
status_of_proc -p $PIDFILE $DAEMON "$NAME process" && exit 0 || exit $?
else
log_daemon_msg "$NAME Process is not running"
log_end_msg 0
fi
;;
reload)
if [ -e $PIDFILE ]; then
start-stop-daemon --stop --signal USR1 --quiet --pidfile $PIDFILE --name $NAME -- $DAEMON_ARGS
log_success_msg "$NAME process reloaded successfully"
else
log_failure_msg "$PIDFILE does not exists"
fi
;;
*)
echo "Usage: $0 {start|stop|restart|reload|status}"
exit 2
;;
esac
What have I done wrong?
And now the Ubuntu answer.
You've managed to avoid the unnecessary horror that is
ossec-control. But on Ubuntu Linux that System 5rcscript is an unnecessary horror all in itself.You are using Ubuntu Linux. You already have either upstart or systemd. Do not begin by writing System 5
rcscripts.systemd
In https://unix.stackexchange.com/a/200365/5132 I showed a simple systemd template service unit that could start a whole bunch of OSSEC HIDS services, as template instances. Unfortunately, it doesn't work with
ossec-authd, for the simple reason that that doesn't have an-foption like the other programs do. Ironically, this is because it doesn't have the unnecessary (yet again) code for double-forking that the other programs have, and that they have to have switched off with the-foption.So here's another template to save as
/etc/systemd/system/[email protected].This template is to be instantiated into the actual service as
[email protected]and the normal systemd controls are available:systemctl enable [email protected]to set the service to auto-start at bootstrap.systemctl start [email protected]to start the service now.systemctl status [email protected]to see the service status.The command to see service statuses is
or to see all loaded units, even the inactive ones.upstart
Having never had need of OSSEC HIDS under upstart myself, this is just a skeleton
/etc/init/ossec-authd.confthat you will have to work on.Further reading
systemctl. systemd manual pages. freedesktop.org.It seems like
service --status-allwill list down everything by file name and that my init.d script is broken somehow.