authorWilly Tarreau <w@1wt.eu>2006-07-16 15:09:44 +0200
committerWilly Tarreau <willy@wtap.(none)>2006-07-26 11:59:37 +0200
commit70a64deff634179dc90338722d38efdfeb3d0dc2 (patch)
tree71cfab1839a2cad826865505b37236ef448e57e1
parent[RELEASE] init-scripts-0.3.4 (diff)
downloadinit-scripts-70a64deff634179dc90338722d38efdfeb3d0dc2.tar.gz
[RELEASE] init-scripts-0.3.5v0.3.5
-rwxr-xr-xsbin/init.d/echelogd45
-rwxr-xr-xsbin/init.d/functions54
-rwxr-xr-xsbin/init.d/network5
-rwxr-xr-xsbin/init.d/sshd89
-rwxr-xr-xsbin/init.d/stat9
5 files changed, 190 insertions, 12 deletions
diff --git a/sbin/init.d/echelogd b/sbin/init.d/echelogd
index 53f606c..e4eada7 100755
--- a/sbin/init.d/echelogd
+++ b/sbin/init.d/echelogd
@@ -134,7 +134,50 @@ function do_status {
return $return
}
-
+function do_install {
+ valueof /etc/echelog/modules/sender.conf PrivateKeyFile > /dev/null
+ keyfile=$REPLY
+ valueof /etc/echelog/modules/sender.conf CertificateFile > /dev/null
+ certfile=$REPLY
+
+ if [ ! -e $keyfile ] ; then
+ # generate key
+ openssl genrsa -out $keyfile 1024 || exit 1
+ fi
+ if [ ! -s $certfile ] ; then
+ echo -n "Country [FR]: " ; read COUNTRY ; COUNTRY=${COUNTRY:-FR}
+ echo -n "State []: "; read STATE
+ echo -n "Locality []: "; read LOCALITY
+ echo -n "Organisation Name []: " ; read ORGA_NAME
+ echo -n "Organisation Unit []: " ; read ORGA_UNIT
+ echo -n "Common Name [$HOSTNAME]: " ;
+ read COMMON_NAME ; COMMON_NAME=${COMMON_NAME:-$HOSTNAME}
+ echo -n "Email Address []: " ; read EMAIL
+
+ ( echo "[ req ]" ;
+ echo "default_bits = 1024"
+ echo "default_keyfile = keyfile.pem"
+ echo "distinguished_name = req_distinguished_name"
+ echo "attributes = req_attributes"
+ echo "prompt = no"
+ echo "[ req_distinguished_name ]"
+ [ "$COUNTRY" ] && echo "C = $COUNTRY"
+ [ "$STATE" ] && echo "ST = $STATE"
+ [ "$LOCALITY" ] && echo "L = $LOCALITY"
+ [ "$ORGA_NAME" ] && echo "O = $ORGA_NAME"
+ [ "$ORGA_UNIT" ] && echo "OU = $ORGA_UNIT"
+ [ "$COMMON_NAME" ] && echo "CN = $COMMON_NAME"
+ [ "$EMAIL" ] && echo "emailAddress = $EMAIL"
+ echo "[ req_attributes ]" ) > /tmp/req.txt
+
+ openssl req -new -days 1200 -nodes -key $keyfile \
+ -out /tmp/req.pem -config /tmp/req.txt || exit 1
+ echo "Merci de certifier la requête suivant:"
+ cat /tmp/req.pem
+ echo "Le certificat généré:"
+ cat > $certfile
+ fi
+}
function do_check {
echo "$HOSTNAME $1.$2 $(date +%s) RUNNING 0 OK"
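Review bot: The new `do_install` writes the request config and the CSR to the fixed names `/tmp/req.txt` and `/tmp/req.pem`, so in an init script that presumably runs as root any local user can pre-create or symlink those paths. I would build them in a private directory, `tmpdir=$(mktemp -d) || exit 1`, use `$tmpdir/req.txt` and `$tmpdir/req.pem`, and remove the directory on exit. The private key is created by `openssl genrsa -out $keyfile 1024` under whatever umask is inherited; set `umask 077` before it and raise the size to at least 2048, in `default_bits` as well. `$keyfile` and `$certfile` come from sender.conf and are used unquoted, so an empty value turns `[ ! -e $keyfile ]` into a test that is always false and the key is never generated. The certificate is taken from stdin with `cat > $certfile` and never checked against the key; something like `openssl x509 -noout -in "$certfile"` after the paste would catch a truncated or wrong input.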
diff --git a/sbin/init.d/functions b/sbin/init.d/functions
index 9216872..8d46897 100755
--- a/sbin/init.d/functions
+++ b/sbin/init.d/functions
@@ -133,6 +133,60 @@ function svc_pidof {
REPLY="" && [ "$found" ] && REPLY=$found && echo $REPLY
}
+######################
+# EXPORTED FUNCTIONS #
+######################
+
+# this eventually remounts the filesystem hosting the directory given in the
+# argument read-write.
+# It returns :
+# - 0 if it was RO and has successfully been remounted RW
+# - 1 if it was already RW
+# - 2 if it could not be remounted RW
+
+function remount_rw {
+ local root
+ set -- $(df $1|tail +2)
+ root=$6
+ set -- $(grep -v '^rootfs' /proc/mounts |cut -f2- -d' '|grep "^$root ")
+ if [ "${3/rw//}" != "$3" ]; then
+ return 1
+ fi
+ echo -n " - remounting $root read-write ..."
+ if mount -wo remount $root >/dev/null 2>&1; then
+ echo " => done."
+ return 0
+ else
+ echo " => failed."
+ return 2
+ fi
+}
+
+# this eventually remounts the filesystem hosting the directory given in the
+# argument read-only.
+# It returns :
+# - 0 if it was RW and has successfully been remounted RO
+# - 1 if it was already RO
+# - 2 if it could not be remounted RO
+
+function remount_ro {
+ local root
+ set -- $(df $1|tail +2)
+ root=$6
+ set -- $(grep -v '^rootfs' /proc/mounts |cut -f2- -d' '|grep "^$root ")
+ if [ "${3/ro//}" != "$3" ]; then
+ return 1
+ fi
+ echo -n " - remounting $root read-only ..."
+ if mount -ro remount $root >/dev/null 2>&1; then
+ echo " => done."
+ return 0
+ else
+ echo " => failed."
+ return 2
+ fi
+}
+
########################################
# CONFIGURATION FILE LOADING FUNCTIONS #
########################################
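Review bot: The "already read-only" test in `remount_ro`, `[ "${3/ro//}" != "$3" ]`, is a substring match on the whole option string, so any option that merely contains `ro` (for example `errors=remount-ro`) makes a read-write filesystem look read-only. The function then returns 1 without remounting and the filesystem stays writable. Match a whole option instead, `case ",$3," in *,ro,*) return 1 ;; esac`, and use `*,rw,*` for the equivalent test in `remount_rw`. In both functions `$1` and `$root` are unquoted and `$root` is used as a regex in `grep "^$root "`, so a mount point containing spaces or regex characters selects the wrong line. `df $1|tail +2` also depends on the obsolete `tail +N` form and on df printing the entry on a single line, which it may not do for long device names; `tail -n +2` with `df -P` avoids both.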
diff --git a/sbin/init.d/network b/sbin/init.d/network
index 8c2a570..26963ad 100755
--- a/sbin/init.d/network
+++ b/sbin/init.d/network
@@ -159,9 +159,10 @@ function do_start {
if [ ${#opt_slave[*]} -gt 0 ]; then
for arg in ${opt_slave[*]}; do
if ! $PFULLNAME status $arg >/dev/null 2>&1; then
- echo " ==> need to start slave $arg first"
+ echo " ==> FAILED! need to start slave $arg before $instname"
else
- ifenslave $instname $arg
+ ifenslave $instname $arg >/dev/null 2>&1
+ ip addr flush dev $arg >/dev/null 2>&1
fi
done
fi
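Review bot: With both stdout and stderr of `ifenslave` sent to /dev/null and its exit status ignored, a failed enslave is now silent, and `ip addr flush dev $arg` still runs and strips the addresses from an interface that was not added to the bond. I would make the flush conditional and report the failure: `if ifenslave "$instname" "$arg" >/dev/null 2>&1; then ip addr flush dev "$arg" >/dev/null 2>&1; else echo "  ==> FAILED! could not enslave $arg to $instname"; fi`. The loop `for arg in ${opt_slave[*]}` in the context lines would be safer as `"${opt_slave[@]}"`. `do_start` begins and ends outside this hunk, so whether the caller sees a non-zero status from this branch cannot be told from here.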
diff --git a/sbin/init.d/sshd b/sbin/init.d/sshd
index a4c636f..76327cf 100755
--- a/sbin/init.d/sshd
+++ b/sbin/init.d/sshd
@@ -4,16 +4,91 @@
STOP_FIRST_WITH=KILL
-option bin reserved_option /usr/sbin/sshd
-option cmdline reserved_option '$bin -p $opt_port -f $opt_config -h $opt_hostkey'
-option port standard_option 22
-option config standard_option /etc/ssh/sshd_config
-option hostkey standard_option /etc/ssh/ssh_host_key
+option bin reserved_option /usr/sbin/sshd
+option cmdline reserved_option '$bin ${opt_port:+-p $opt_port} ${opt_config:+-f $opt_config} ${opt_protocol:+-oProtocol=$opt_protocol} ${opt_listen:+-oListenAddress=$opt_listen}'
+option port standard_option
+option config standard_option
+option protocol standard_option
+option listen standard_option
+
+sshd_cfgfile=""
# assign default values to options and variables before parsing the cfg file
function fct_end_section {
- valueof $opt_config HostKey > /dev/null ; opt_hostkey=${REPLY:-$opt_hostkey}
- valueof $opt_config PidFile > /dev/null ; pidfile=${REPLY:-$pidfile}
+ sshd_cfgfile=${opt_config:-/etc/ssh/sshd_config}
+ valueof $sshd_cfgfile HostKey > /dev/null
+ hostkey_list=$REPLY
+ valueof $sshd_cfgfile PidFile > /dev/null ; pidfile=${REPLY:-$pidfile}
+}
+
+function sshd_find_keys {
+ if [ -z "$hostkey_list" ]; then
+ echo " File $sshd_cfgfile references no key."
+ if [ -z "$opt_protocol" -o "${opt_protocol/1//}" != "$opt_protocol" ]; then
+ echo " Assuming /etc/ssh/ssh_host_key for Protocol v1."
+ hostkey_list="$hostkey_list /etc/ssh/ssh_host_key"
+ fi
+ if [ -z "$opt_protocol" -o "${opt_protocol/2//}" != "${opt_protocol}" ]
+ then
+ echo " Assuming /etc/ssh/ssh_host_rsa_key for Protocol v2."
+ hostkey_list="$hostkey_list /etc/ssh/ssh_host_rsa_key"
+ echo " Assuming /etc/ssh/ssh_host_dsa_key for Protocol v2."
+ hostkey_list="$hostkey_list /etc/ssh/ssh_host_dsa_key"
+ fi
+ else
+ echo " File $sshd_cfgfile references these keys : $hostkey_list"
+ fi
+}
+
+function fct_pre_start {
+ local missing=0
+ local key
+ local must_remount_ro=0
+
+ sshd_find_keys
+ for key in $hostkey_list; do
+ if [ ! -e "$key" ]; then
+ echo " Warning! host key $key does not exist."
+ missing=$[$missing+1]
+ fi
+ done
+
+ if [ "$missing" -gt "0" ]; then
+ echo " Trying to generate the keys before starting SSHD."
+ remount_rw /etc && must_remount_ro=1
+ do_install
+ [ $must_remount_ro -eq 1 ] && remount_ro /etc
+ echo " Now starting SSHD."
+ fi
+}
+
+function do_install {
+ local type=""
+ local key
+
+ sshd_find_keys
+ for key in $hostkey_list; do
+ if [ ! -e "$key" ]; then
+ case "$key" in
+ */ssh_host_key*) type=rsa1 ;;
+ */ssh_host_rsa_key*) type=rsa ;;
+ */ssh_host_dsa_key*) type=dsa ;;
+ *) type=""
+ echo " Warning! host key $key does not exist and cannot"
+ echo " be auto-generated since it does not have a standard name."
+ echo " If SSHD doesn't start, you'll have to generate it manually this way :"
+ echo " # ssh-keygen -t { rsa1 | rsa | dsa } -N '' -f $key"
+ echo
+ ;;
+ esac
+ if [ "$type" ]; then
+ ssh-keygen -t $type -N '' -f $key
+ if [ ! -e "$key" ]; then
+ echo " ERROR : ssh-keygen could not generate $type host key $key"
+ fi
+ fi
+ fi
+ done
}
load_config
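Review bot: `sshd_find_keys` decides which default keys to assume from `$opt_protocol` alone, so when the option is unset it assumes, and `do_install` then generates, an SSH protocol 1 `rsa1` key even if `$sshd_cfgfile` restricts sshd to protocol 2. `fct_end_section` already reads HostKey and PidFile from that file, so it could read the protocol too, e.g. `valueof $sshd_cfgfile Protocol > /dev/null ; sshd_protocol=${opt_protocol:-$REPLY}`, and test `$sshd_protocol` in `sshd_find_keys`; this assumes `valueof` returns the value in REPLY as it does for HostKey. In `fct_pre_start` the remount is hard-coded to `/etc` while the key paths come from the HostKey entries, and a return of 2 from `remount_rw` (remount failed) still falls through to `do_install`. Remounting `"${key%/*}"` and skipping generation on status 2 would make the failure explicit. `ssh-keygen -t $type -N '' -f $key` should quote `"$key"`. A comment above `do_install` noting that it creates passphrase-less host keys only for the three standard file names would help the next reader.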
diff --git a/sbin/init.d/stat b/sbin/init.d/stat
index cdbfca9..b049145 100755
--- a/sbin/init.d/stat
+++ b/sbin/init.d/stat
@@ -49,7 +49,7 @@ function do_start {
if [ -z "$opt_runas" ] ; then
( $bin $cmdline )
else
- ( su - $opt_runas $cmdline )
+ ( su - $opt_runas -- $cmdline )
fi
if [ "$?" = 0 ] ; then
@@ -70,9 +70,14 @@ function do_check {
run_stat=STOPPED
uptime=0
fi
+ if [ ! -e $opt_statusfile ] ; then
+ echo "$HOSTNAME $service.$instance $(date +%s) STOPPED"
+ return 1
+ fi
+
read idsvc date status result < $opt_statusfile > /dev/null 2>&1
if [ $? != 0 ] ; then
- echo "$HOSTNAME $2 $(date +%s) FATAL" ; return 1
+ echo "$HOSTNAME $2 $(date +%s) STOPPED" ; return 1
fi
diff=$[ $(date +%s) - $date ]
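Review bot: The added `[ ! -e $opt_statusfile ]` test checks only that the file exists, and the `date` field read from it still reaches `diff=$[ $(date +%s) - $date ]` on the last line of the hunk without any validation. Arithmetic expansion evaluates its operand as an expression rather than as a plain number, and the status file is presumably written by the service running as `$opt_runas`, so a non-numeric value should be rejected first: `case "$date" in ''|*[!0-9]*) echo "$HOSTNAME $service.$instance $(date +%s) STOPPED" ; return 1 ;; esac`. The variable is also unquoted, so an empty `$opt_statusfile` makes `[ ! -e ]` false and the check is skipped; `[ ! -e "$opt_statusfile" ]` fixes that. The new message identifies the service as `$service.$instance` while the one two lines below still uses `$2`, so one of the two is probably stale. `do_check` starts and continues outside this hunk.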