From: Serge L. <sma...@us...> - 2009-02-24 19:28:09
|
Update of /cvsroot/devil-linux/build/scripts/scripts In directory fdv4jf1.ch3.sourceforge.com:/tmp/cvs-serv10825/scripts Modified Files: ipsec Log Message: - added/fixed init script Index: ipsec =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/scripts/ipsec,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- ipsec 17 Oct 2005 19:16:16 -0000 1.5 +++ ipsec 24 Feb 2009 19:28:00 -0000 1.6 @@ -1,55 +1,33 @@ -#!/bin/sh -# IPsec startup and shutdown script -# Copyright (C) 1998, 1999, 2001 Henry Spencer. -# Copyright (C) 2002 Michael Richardson <mc...@fr...> -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the -# Free Software Foundation; either version 2 of the License, or (at your -# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -# for more details. -# -# RCSID $Id$ -# -# ipsec init.d script for starting and stopping -# the IPsec security subsystem (KLIPS and Pluto). -# -# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec) -# and is also accessible as "ipsec setup" (the preferred route for human -# invocation). -# -# The startup and shutdown times are a difficult compromise (in particular, -# it is almost impossible to reconcile them with the insanely early/late -# times of NFS filesystem startup/shutdown). Startup is after startup of -# syslog and pcmcia support; shutdown is just before shutdown of syslog. -# -# chkconfig: 2345 47 76 -# description: IPsec provides encrypted and authenticated communications; \ -# KLIPS is the kernel half of it, Pluto is the user-level management daemon. - - +#! /bin/sh # # $Source$ # $Revision$ # $Date$ # # http://www.devil-linux.org - +# ### BEGIN INIT INFO # Provides: ipsec # Required-Start: $network $syslog $named # Required-Stop: $network $syslog $named # Default-Start: 3 5 # Default-Stop: 0 1 2 6 -# Description: starts FreeS/WAN +# Short-Description: Strongswan IPsec services ### END INIT INFO -# settings +# settings/functions source /etc/sysconfig/config +source /etc/init.d/functions + +DAEMON=/usr/sbin/ipsec +PIDFILE=/var/run/ipsec.pid + +# Exit if the package is not installed +if [ ! -e $DAEMON ]; then + echo + echo "$DAEMON not found. Did you install the package?" + exit 1 +fi CONFIGNAME=IPSEC eval START=\$START_$CONFIGNAME @@ -62,145 +40,27 @@ test $link = $base && START=yes test "$START" = "yes" || exit 0 -me='ipsec setup' # for messages - -# where the private directory and the config files are -IPSEC_EXECDIR="${IPSEC_EXECDIR-/usr/libexec/ipsec}" -IPSEC_LIBDIR="${IPSEC_LIBDIR-/usr/lib/ipsec}" -IPSEC_SBINDIR="${IPSEC_SBINDIR-/usr/sbin}" -IPSEC_CONFS="${IPSEC_CONFS-/etc}" - -if test " $IPSEC_DIR" = " " # if we were not called by the ipsec command -then - # we must establish a suitable PATH ourselves - PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin - export PATH - - IPSEC_DIR="$IPSEC_LIBDIR" - export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR -fi - -# Check that the ipsec command is available. -found= -for dir in `echo $PATH | tr ':' ' '` -do - if test -f $dir/ipsec -a -x $dir/ipsec - then - found=yes - break # NOTE BREAK OUT - fi -done -if ! test "$found" -then - echo "cannot find ipsec command -- \`$1' aborted" | - logger -s -p daemon.error -t ipsec_setup - exit 1 -fi - -# accept a few flags - -export IPSEC_setupflags -IPSEC_setupflags="" - -config="" - -for dummy -do - case "$1" in - --showonly|--show) IPSEC_setupflags="$1" ;; - --config) config="--config $2" ; shift ;; - *) break ;; - esac - shift -done - - -# Pick up IPsec configuration (until we have done this, successfully, we -# do not know where errors should go, hence the explicit "daemon.error"s.) -# Note the "--export", which exports the variables created. -eval `ipsec _confread $config --optional --varprefix IPSEC --export --type config setup` - -if test " $IPSEC_confreadstatus" != " " -then - case $1 in - stop|--stop|_autostop) - echo "$IPSEC_confreadstatus -- \`$1' may not work" | - logger -s -p daemon.error -t ipsec_setup;; - - *) echo "$IPSEC_confreadstatus -- \`$1' aborted" | - logger -s -p daemon.error -t ipsec_setup; - exit 1;; - esac -fi - -IPSEC_confreadsection=${IPSEC_confreadsection:-setup} -export IPSEC_confreadsection - -IPSECsyslog=${IPSECsyslog-daemon.error} -export IPSECsyslog - -# misc setup -umask 022 - -mkdir -p /var/run/pluto - - -# do it case "$1" in - start|--start|stop|--stop|_autostop|_autostart) - if test " `id -u`" != " 0" - then - echo "permission denied (must be superuser)" | - logger -s -p $IPSECsyslog -t ipsec_setup 2>&1 - exit 1 - fi - tmp=/var/run/pluto/ipsec_setup.st - outtmp=/var/run/pluto/ipsec_setup.out - ( - ipsec _realsetup $1 - echo "$?" >$tmp - ) > ${outtmp} 2>&1 - st=$? - if test -f $tmp - then - st=`cat $tmp` - rm -f $tmp - fi - if [ -f ${outtmp} ]; then - cat ${outtmp} | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1 - rm -f ${outtmp} - fi - exit $st - ;; - - restart|--restart|force-reload) - $0 $IPSEC_setupflags stop - $0 $IPSEC_setupflags start + start) + loadproc $DAEMON start ;; - - _autorestart) # for internal use only - $0 $IPSEC_setupflags _autostop - $0 $IPSEC_setupflags _autostart + stop) + $DAEMON stop && echo_success || ( killproc $DAEMON ; evaluate_retval) ;; - - status|--status) - ipsec _realsetup $1 - exit + status) + $DAEMON status ;; - - --version) - echo "$me $IPSEC_VERSION" - exit 0 + reload) + $DAEMON reload + evaluate_retval ;; - - --help) - echo "Usage: $me {--start|--stop|--restart|--status}" - exit 0 + restart) + $DAEMON restart + evaluate_retval ;; - *) - echo "Usage: $me {--start|--stop|--restart|--status}" >&2 - exit 2 + echo "Usage: $SCRIPTNAME {start|stop|restart|reload}" >&2 + exit 1 + ;; esac -exit 0 |