/mandos/trunk : revision 1294

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to init.d-mandos

Committer: Teddy Hogeborn
Date: 2024-09-09 01:36:41 UTC
Revision ID: teddy@recompile.se-20240909013641-6zu6kx2f7meu134k

Make all required directories when installing

When installing into a normal system, one can assume that target
directories, such as /usr/bin, already exists.  But when installing
into a subdirectory for the purpose of creating a package, one cannot
assume that all directories already exist.  Therefore, when
installing, we must not check if any directories exist, and must
instead always create any directories we want to install into.

* Makefile (confdir/mandos.conf, confdir/clients.conf, install-html):
  Use the "-D" option to "install" instead of creating the directory
  separately.
  (install-server): Move creation of $(CONFDIR) down to before it is
  needed.  Don't check if the $(TMPFILES) or $(SYSUSERS) directories
  exist; instead create them by using the "-D" option to "install".
  Create the $(PREFIX)/sbin directory.  Always use
  "--target-directory" if possible; i.e. if the file name is the same.
  Create the $(DBUSPOLICYDIR) and $(DESTDIR)/etc/init.d directories by
  using the "-D" option to "install".  Don't check if the $(SYSTEMD)
  directory exists; instead create it by using the "-D" option to
  "install".  Create the $(DESTDIR)/etc/default and $(MANDIR)/man8
  directories by using the "-D" option to "install".  Create the
  $(MANDIR)/man5 directories explicitly.
  (install-client-nokey): Remove unnecessary creation of the
  $(CONFDIR) directory.  Don't check if the $(SYSUSERS) directory
  exists; instead create it by using the "-D" option to "install".
  Move the "--directory" argument to be the first argument, for
  clarity.  Create the $(PREFIX)/sbin directory.  Use the "-D"
  argument to "install" when installing
  $(INITRAMFSTOOLS)/hooks/mandos,
  $(INITRAMFSTOOLS)/conf.d/mandos-conf,
  $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos,
  $(INITRAMFSTOOLS)/scripts/init-premount/mandos,
  $(INITRAMFSTOOLS)/scripts/local-premount/mandos,
  $(DRACUTMODULE)/ask-password-mandos.path, and
  $(DRACUTMODULE)/dracut-module/ask-password-mandos.service.  Create
  the $(MANDIR)/man8 directory.

Reported-By: Erich Eckner <erich@eckner.net>
Thanks: Erich Eckner <erich@eckner.net> for analysis

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

DBUS-API

INSTALL

NEWS

README

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.maintscript

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

debian/po/templates.pot

debian/rules

debian/source

debian/source/format

debian/source/lintian-overrides

debian/source/local-options

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

debian/watch

default-mandos

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

init.d-mandos

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

initramfs-unpack

intro.xml

legalnotice.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos-to-cryptroot-unlock

mandos.lsm

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files removed:
initramfs-tools-hook-conf

plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

init.d-mandos

#! /bin/sh

### BEGIN INIT INFO

# Provides: mandos

# Required-Start: $remote_fs $syslog avahi-daemon

# Required-Stop: $remote_fs $syslog avahi-daemon

# Default-Start: 2 3 4 5

# Default-Stop: 0 1 6

# Short-Description: Mandos server

# Description: Server of encrypted passwords to Mandos clients

### END INIT INFO

# Author: Teddy Hogeborn <teddy@recompile.se>

# Author: Björn Påhlsson <belorn@recompile.se>

# Do NOT "set -e"

# PATH should only include /usr/* if it runs after the mountnfs.sh script

PATH=/sbin:/usr/sbin:/bin:/usr/bin

DESC="Mandos root file system password server"

NAME=mandos

DAEMON=/usr/sbin/$NAME

DAEMON_ARGS=""

if [ -d /run/. ]; then

PIDFILE=/run/$NAME.pid

else

PIDFILE=/var/run/$NAME.pid

SCRIPTNAME=/etc/init.d/$NAME

# Exit if the package is not installed

[ -x "$DAEMON" ] || exit 0

# Read configuration variable file if it is present

[ -r /etc/default/$NAME ] && . /etc/default/$NAME

if [ -n "$CONFIGDIR" ]; then

DAEMON_ARGS="$DAEMON_ARGS --configdir $CONFIGDIR"

# Load the VERBOSE setting and other rcS variables

. /lib/init/vars.sh

# Define LSB log_* functions.

# Depend on lsb-base (>= 3.2-14) to ensure that this file is present

# and status_of_proc is working.

. /lib/lsb/init-functions

# Function that starts the daemon/service

do_start()

{

# Return

# 0 if daemon has been started

# 1 if daemon was already running

# 2 if daemon could not be started

start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \

|| return 1

start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \

$DAEMON_ARGS \

|| return 2

# Add code here, if necessary, that waits for the process to be ready

# to handle requests from services started subsequently which depend

# on this one. As a last resort, sleep for some time.

}

# Function that stops the daemon/service

do_stop()

{

# Return

# 0 if daemon has been stopped

# 1 if daemon was already stopped

# 2 if daemon could not be stopped

# other if a failure occurred

start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME

RETVAL="$?"

[ "$RETVAL" = 2 ] && return 2

# Wait for children to finish too if this is a daemon that forks

# and if the daemon is only ever run from this initscript.

# If the above conditions are not satisfied then add some other code

# that waits for the process to drop all resources that could be

# needed by services started subsequently. A last resort is to

# sleep for some time.

start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON

[ "$?" = 2 ] && return 2

# Many daemons don't delete their pidfiles when they exit.

rm -f $PIDFILE

return "$RETVAL"

}

# Function that sends a SIGHUP to the daemon/service

do_reload() {

# If the daemon can reload its configuration without

# restarting (for example, when it is sent a SIGHUP),

100

# then implement that here.

101

102

start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME

103

return 0

104

}

105

106

case "$1" in

107

start)

108

[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"

109

do_start

110

case "$?" in

111

0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;

112

2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;

113

esac

114

;;

115

stop)

116

[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"

117

do_stop

118

case "$?" in

119

0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;

120

2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;

121

esac

122

;;

123

status)

124

status_of_proc "$DAEMON" "$NAME" -p "$PIDFILE" && exit 0 || exit $?

125

;;

126

#reload|force-reload)

127

128

# If do_reload() is not implemented then leave this commented out

129

# and leave 'force-reload' as an alias for 'restart'.

130

131

#log_daemon_msg "Reloading $DESC" "$NAME"

132

#do_reload

133

#log_end_msg $?

134

#;;

135

restart|force-reload)

136

137

# If the "reload" option is implemented then remove the

138

# 'force-reload' alias

139

140

log_daemon_msg "Restarting $DESC" "$NAME"

141

do_stop

142

case "$?" in

143

0|1)

144

do_start

145

case "$?" in

146

0) log_end_msg 0 ;;

147

1) log_end_msg 1 ;; # Old process is still running

148

*) log_end_msg 1 ;; # Failed to start

149

esac

150

;;

151

152

# Failed to stop

153

log_end_msg 1

154

;;

155

esac

156

;;

157

158

#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2

159

echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2

160

exit 3

161

;;

162

esac

163

164

Older »