# how to change the start command of an rc.d script



## patpro (Jul 7, 2011)

Hello,

I'm running FreeBSD 8.x. I would like to change the behavior of the start command of an rc.d script. The purpose is to start Apache 2.2 using this command:

[cmd=]/usr/local/sbin/setaudit -a www -m fc,fd,ex /usr/local/sbin/httpd[/cmd]
instead of just:
[cmd=]/usr/local/sbin/httpd[/cmd]

If I put 
	
	



```
apache22_program="/usr/local/sbin/setaudit -a www -m fc,fd,ex /usr/local/sbin/httpd"
```
 into /etc/rc.conf to override the value of "command", it breaks ("start" works but complains, and "restart" breaks).


----------



## phoenix (Jul 7, 2011)

Modify the rc.d script directly, obviously.  

Just be sure to add a comment as to what/why you are making the change.


----------



## patpro (Jul 8, 2011)

Well, I though about doing this, but the problem remains the same. What would I put in the /usr/local/etc/rc.d/apache22 file? Replacing the value of "command" is not an option, because it breaks. Recreating the start command is complex (see rc.subr for details)

I'll try to replace /usr/local/etc/rc.d/apache22 with a wrapper containing:


```
/usr/local/sbin/setaudit -a www -m fc,fd,ex /usr/local/etc/rc.d/apache22.origin $1
```

but I'm not sure it's "best practice" 
I would have loved being able to tune everything in /etc/rc.conf.


----------



## patpro (Jul 13, 2011)

Finally, I've done that:

*1-* edit /usr/local/etc/rc.d/apache22 to change the default start command, and to provide a new start command.
around line 32 I've added:


```
start_cmd="apache22_auditstart"
```

around line 164 I've added:


```
apache22_auditstart() {
	echo "Starting apache22 with audit"
	eval /usr/local/sbin/setaudit ${apache22_auditflags} ${command} ${apache22_flags} -k start 
}
```

*2-* edit /etc/rc.conf to add a value for apache22_auditflags:


```
apache22_auditflags="-a www -m ex,lo,ad,-pc,fd,-fc,-fm,-fw"
```

Now, when I (re)start Apache by using the command:


```
/usr/local/etc/rc.d/apache22 start
```

Apache is launched as if I've used:


```
/usr/local/sbin/setaudit -a www -m ex,lo,ad,-pc,fd,-fc,-fm,-fw httpd -k start
```

and auditing for user www and httpd processes is activated. Changing auditd flags requires only to edit /etc/rc.conf and restarting Apache, and modification of /usr/local/etc/rc.d/apache22 is kept at its minimum.


----------

