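#!/bin/bash
# Service definition for the echelog daemon, built on the helper library
# "functions" that is expected to sit next to this script.
# NOTE(review): option, valueof, svc_pidof and load_config are not defined in
# this file; presumably they all come from that library -- confirm.

# The directory is quoted so the library is still found when this script is
# installed under a path containing whitespace or glob characters.
. "$(dirname -- "$0")/functions"

# option <name> <kind> <default>
# NOTE(review): the functions below read $bin, $opt_config and $opt_runas, so
# the library presumably exports each declaration under such a name -- confirm.
option bin reserved_option /opt/echelog/sbin/echelogd
option config standard_option /etc/echelog/echelog.conf
# user:group; presumably the value behind $opt_runas, which fct_pre_start
# passes to chown for the directories it creates.
option runas standard_option echelogc:daemon
# Single quotes keep $bin and $opt_config literal at this point; presumably the
# library expands the template when it starts the daemon -- confirm how (an
# eval there would make both values shell-sensitive).
option cmdline reserved_option '$bin -C $opt_config'
#option check_interval reserved_option 60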
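# assign default values to options and variables before parsing the cfg file
#
# fct_pre_start
# Pre-start hook: checks that the main configuration file is readable, then
# creates the directories the daemon needs.
#   * For every "Module" line of $opt_config, the module file named by field 4
#     (resolved relative to the directory of $opt_config) is scanned for
#     SpoolDir/StateDir entries; each missing directory is created with mode
#     700 and handed to $opt_runas.
#   * For modules whose field 3 is "sender", a ".renumbered" marker is created
#     in the spool directory when it holds no spool.dat yet.
#   * Finally the fixed directories under /var/lib/echelog, /var/cache and
#     /var/log are created when missing.
# Globals:  opt_config, opt_runas (read); REPLY (overwritten)
# Outputs:  error messages on stdout
# Exits:    with status 1 when the configuration file is unreadable, when a
#           wanted directory exists as something else, or when mkdir fails.
#
# SECURITY(review): field 4 of a "Module" line is expanded with eval, so any
# shell syntax in it is executed with the privileges of whoever runs this
# script, and the directories created here come straight from the module
# files. Both the main configuration and the module files must therefore be
# writable only by a trusted administrator. The eval is kept because the
# configuration presumably relies on it for variable expansion -- confirm, and
# replace it with an explicit substitution if only a known variable is used.
function fct_pre_start {
  local path file module_conf dir
  local -a fields

  # Quoted on purpose: with an empty or unset $opt_config the unquoted test
  # degenerates to "[ ! -r ]", which is false and lets the function carry on.
  if [ ! -r "$opt_config" ]; then
    echo "Can't read configuration file '$opt_config'."
    exit 1
  fi
  path=$(dirname -- "$opt_config")

  # read -r -a splits each line into words without pathname expansion and
  # without treating backslashes specially.
  while read -r -a fields; do
    [ "${fields[0]}" = Module ] || continue

    # Resolved once per module line; see the SECURITY note above about eval.
    module_conf=$path/$(eval echo "${fields[3]}")

    # build all directories
    # Word splitting of the grep/awk output is intentional: one directory per
    # word, so directory names containing whitespace are not supported.
    for file in $(grep -i -- '^\(SpoolDir\|StateDir\)' "$module_conf" \
      | awk '{print $2}'); do
      if [ -d "$file" ]; then
        :
      elif [ -L "$file" ] && [ -d "$(readlink -- "$file")" ]; then
        :
      elif [ -e "$file" ]; then
        echo "Wished directory '$file' isn't a directory."
        exit 1
      else
        mkdir -p -m 700 -- "$file" || { echo "Can't create directory '$file'."; exit 1; }
        chown -- "$opt_runas" "$file"
      fi
    done

    # sender module initialization
    if [ "${fields[2]}" = "sender" ]; then
      # valueof presumably returns the looked-up value in REPLY (do_install
      # uses it that way). Clear REPLY first so a failed lookup cannot leave a
      # stale value behind.
      REPLY=
      valueof "$module_conf" SpoolDir > /dev/null 2>&1
      # Without the emptiness guard a missing SpoolDir would put the marker at
      # "/.renumbered".
      if [ -n "$REPLY" ] && [ ! -e "$REPLY/spool.dat" ]; then
        touch -- "$REPLY/.renumbered" && chown -- "$opt_runas" "$REPLY/.renumbered"
      fi
    fi
  done < "$opt_config"

  # check others directories
  for dir in /var/lib/echelog/{socks,run} /var/{cache,log}/echelog; do
    if [ ! -e "$dir" ]; then
      mkdir -p -m 700 -- "$dir" # && chown $opt_runas $path
    fi
  done
}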
# kill_pid <pid>...
# Stops the given processes with increasing force. On return the global REPLY
# holds the pids that ps still reports, or is empty when none is left.
#   attempt 1    : "<dir of $bin>/echelogctl stop", then a 5 second pause
#   attempts 2-3 : SIGCONT followed by the signal named in $STOP_FIRST_WITH,
#                  then a pause of <attempt> seconds
#   attempts 4+  : SIGKILL, then a 1 second pause
# The loop is abandoned, leaving REPLY as it is, as soon as one of those
# commands fails.
# Globals: bin, STOP_FIRST_WITH (read); REPLY, retry (written)
# `retry` is not declared local here; do_stop declares it local before calling,
# so the counter lands in do_stop's scope on that path.
# NOTE(review): nothing bounds the SIGKILL phase -- a process that stays listed
# by ps after SIGKILL keeps this loop running. Consider a maximum attempt count.
function kill_pid {
  REPLY=$*
  retry=0
  while [ -n "$REPLY" ]; do
    retry=$((retry + 1))
    if [ "$retry" -eq 1 ]; then
      # Ask the daemon's own control tool first.
      if $(dirname $bin)/echelogctl stop; then
        sleep 5 || break
      else
        break
      fi
    elif [ "$retry" -le 3 ]; then
      # $REPLY stays unquoted: it is a whitespace-separated pid list.
      { kill -CONT $REPLY && kill -$STOP_FIRST_WITH $REPLY; } || break
      sleep $retry
    else
      kill -9 $REPLY || break
      sleep 1
    fi
    # Keep only the pids that are still alive.
    REPLY=$(ps ho pid $REPLY)
  done
}
# do_stop <process-name> [instance-name]
# Looks up the pids of the service with svc_pidof (its own pid $$ is passed
# with -o), hands them to kill_pid and reports the outcome on stdout.
# When the global $procname is set and non-empty it replaces <process-name>.
# Globals: procname (read); REPLY (written by svc_pidof and kill_pid)
# Returns: 0 when kill_pid leaves REPLY empty (fct_post_stop is then run if
#          such a function is defined), 1 when pids remain.
function do_stop {
  local pname=$1 instname=$2
  # `retry` must stay local here: kill_pid assigns it without declaring it.
  local pid retry
  local svc_label
  shift
  pname=${procname:-$pname}

  # stop service from pidof data
  svc_pidof -o $$ $pname > /dev/null
  # Display form "name" or "name[instance]", shared by all three messages.
  svc_label=$pname${instname:+[$instname]}
  echo "# Stopping process ${svc_label} (pids : $REPLY) ..."

  retry=0
  kill_pid $REPLY
  if [ -n "$REPLY" ]; then
    echo " ==> stop ${svc_label} Failed. (pids : $REPLY)"
    return 1
  fi

  # Optional hook; its exit status is not taken into account.
  if declare -F fct_post_stop > /dev/null; then
    fct_post_stop $pname $instname
  fi
  echo " ==> stop ${svc_label} Done."
  return 0
}
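# fct_post_stop
# Post-stop hook (run by do_stop after the main process is gone): for every
# "Define" line of $opt_config, field 3 is expanded, reduced to its basename,
# and every process ps lists under that command name is handed to kill_pid.
# Globals: opt_config (read); REPLY and retry (written through kill_pid)
#
# SECURITY(review): field 3 is expanded with eval, so shell syntax in the
# configuration file is executed with the privileges of whoever runs this
# script; the file must be writable only by a trusted administrator.
# NOTE(review): `ps -C` selects by command name across the whole system, so a
# process unrelated to echelog that shares the name is signalled as well.
function fct_post_stop {
  local -a fields
  local prog

  # read -r -a splits the line into words without pathname expansion; quoting
  # $opt_config keeps a path containing whitespace in one piece.
  while read -r -a fields; do
    [ "${fields[0]}" == Define ] || continue
    prog=$(basename -- "$(eval echo "${fields[2]}")")
    # A Define line without a usable third field names no program to look up.
    [ -n "$prog" ] || continue
    # The ps output stays unquoted: one argument per pid.
    kill_pid $(ps ho pid -C "$prog")
  done < "$opt_config"
}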
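# do_status <process-name> [instance-name]
# Prints whether the service is running, based on svc_pidof (the script's own
# pid $$ is passed with -o), then lists the pids of the helper programs named
# by the "Define" lines of $opt_config.
# When the global $procname is set and non-empty it replaces <process-name>.
# Globals: procname, opt_config (read); REPLY (written by svc_pidof)
# Returns: 0 when svc_pidof reported at least one pid, 1 otherwise. Helper
#          processes do not influence the status.
#
# SECURITY(review): field 3 of a "Define" line is expanded with eval, so shell
# syntax in the configuration file is executed with the privileges of whoever
# asks for the status; the file must be writable only by a trusted
# administrator.
function do_status {
  local pname=$1
  local instname=$2
  local pids return=0
  local -a fields
  local prog
  shift
  pname=${procname:-$pname}

  # get info from pidof command
  svc_pidof -o $$ $pname > /dev/null
  pids=$REPLY
  if [ -n "$pids" ]; then
    echo "Process $pname${instname:+[$instname]} running without pidfile:$pids"
  else
    echo "Process $pname${instname:+[$instname]} stopped (no pidfile used)."
    return=1
  fi

  # Collect the pids of every helper program named in the configuration.
  # read -r -a splits without pathname expansion; quoting $opt_config keeps a
  # path containing whitespace in one piece.
  pids=""
  while read -r -a fields; do
    [ "${fields[0]}" == Define ] || continue
    prog=$(basename -- "$(eval echo "${fields[2]}")")
    # A Define line without a usable third field names no program to look up.
    [ -n "$prog" ] || continue
    pids=${pids:+$pids }$(ps ho pid -C "$prog")
  done < "$opt_config"

  if [ -n "$pids" ]; then
    # The unquoted inner echo collapses the padding ps puts around pids.
    echo "Children processes running pidfile:$(echo $pids)"
  fi
  return $return
}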
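# do_install
# Interactive installation step for the sender module's TLS material.
#   1. Reads PrivateKeyFile and CertificateFile from
#      /etc/echelog/modules/sender.conf through valueof (result in REPLY).
#   2. Generates an RSA private key when the key file does not exist.
#   3. When the certificate file is missing or empty: prompts for the subject
#      fields, writes an OpenSSL request configuration, creates a certificate
#      signing request, prints it, and then stores whatever is supplied on
#      stdin (the certificate issued for that request) in the certificate file.
# Globals: HOSTNAME (read); keyfile, certfile, COUNTRY, STATE, LOCALITY,
#          ORGA_NAME, ORGA_UNIT, COMMON_NAME, EMAIL (written, not local)
# Exits:   with status 1 when an openssl call or mktemp fails.
#
# Security-relevant choices:
#   * The key is 2048 bits; 1024-bit RSA is below current minimum
#     recommendations.
#   * The key is written under umask 077 so that it is never group- or
#     world-readable, whatever the caller's umask is.
#   * The request files live in a private mktemp directory instead of fixed
#     names in /tmp, which another local user could pre-create or replace with
#     a symlink while this runs with elevated privileges.
function do_install {
  local tmpdir req_cfg req_pem

  valueof /etc/echelog/modules/sender.conf PrivateKeyFile > /dev/null
  keyfile=$REPLY
  valueof /etc/echelog/modules/sender.conf CertificateFile > /dev/null
  certfile=$REPLY

  # An empty value skips the step, as the unquoted tests "[ ! -e ]" and
  # "[ ! -s ]" did before.
  if [ -n "$keyfile" ] && [ ! -e "$keyfile" ]; then
    # generate key
    ( umask 077 && openssl genrsa -out "$keyfile" 2048 ) || exit 1
  fi

  if [ -n "$certfile" ] && [ ! -s "$certfile" ]; then
    # read -r keeps backslashes typed by the operator literal.
    printf '%s' "Country [FR]: "
    read -r COUNTRY
    COUNTRY=${COUNTRY:-FR}
    printf '%s' "State []: "
    read -r STATE
    printf '%s' "Locality []: "
    read -r LOCALITY
    printf '%s' "Organisation Name []: "
    read -r ORGA_NAME
    printf '%s' "Organisation Unit []: "
    read -r ORGA_UNIT
    printf '%s' "Common Name [$HOSTNAME]: "
    read -r COMMON_NAME
    COMMON_NAME=${COMMON_NAME:-$HOSTNAME}
    printf '%s' "Email Address []: "
    read -r EMAIL

    tmpdir=$(mktemp -d) || exit 1
    req_cfg=$tmpdir/req.txt
    req_pem=$tmpdir/req.pem

    # Only the subject fields that were filled in are written out.
    {
      echo "[ req ]"
      echo "default_bits = 2048"
      echo "default_keyfile = keyfile.pem"
      echo "distinguished_name = req_distinguished_name"
      echo "attributes = req_attributes"
      echo "prompt = no"
      echo "[ req_distinguished_name ]"
      if [ -n "$COUNTRY" ]; then echo "C = $COUNTRY"; fi
      if [ -n "$STATE" ]; then echo "ST = $STATE"; fi
      if [ -n "$LOCALITY" ]; then echo "L = $LOCALITY"; fi
      if [ -n "$ORGA_NAME" ]; then echo "O = $ORGA_NAME"; fi
      if [ -n "$ORGA_UNIT" ]; then echo "OU = $ORGA_UNIT"; fi
      if [ -n "$COMMON_NAME" ]; then echo "CN = $COMMON_NAME"; fi
      if [ -n "$EMAIL" ]; then echo "emailAddress = $EMAIL"; fi
      echo "[ req_attributes ]"
    } > "$req_cfg"

    # NOTE(review): -days has no effect on a signing request (no -x509); the
    # validity period is chosen by whoever signs it.
    if ! openssl req -new -days 1200 -nodes -key "$keyfile" \
      -out "$req_pem" -config "$req_cfg"; then
      rm -rf -- "${tmpdir:?}"
      exit 1
    fi
    echo "Merci de certifier la requête suivant:"
    cat -- "$req_pem"
    # The request has been shown; nothing in the scratch directory is needed
    # any longer.
    rm -rf -- "${tmpdir:?}"
    echo "Le certificat généré:"
    cat > "$certfile"
  fi
}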
# do_check <arg1> <arg2>
# Prints one status line on stdout:
#   "<HOSTNAME> <arg1>.<arg2> <seconds since the epoch> RUNNING 0 OK"
# The state is always reported as RUNNING/OK; no process is inspected here.
function do_check {
  local now
  now=$(date +%s)
  printf '%s %s.%s %s RUNNING 0 OK\n' "$HOSTNAME" "$1" "$2" "$now"
}
# Hand control to the sourced helper library.
# NOTE(review): load_config is not defined in this file; presumably it reads
# the option declarations at the top and then dispatches to the fct_*/do_*
# functions defined here -- confirm in "functions".
load_config