USER=Debian-hippotat
PIDFILE=/var/run/hippotat/hippotatd.pid
LOGFACILITY=daemon
+CHECK_FIREWALL=true
# HIPPOTATD_ARGS
+AS_USER=as_user_userv
+DESCRIPTION='Asinine IP over HTTP server'
+if type -p authbind >/dev/null 2>&1; then AUTHBIND=authbind; fi
. /etc/default/hippotatd
test -f $DAEMON || exit 0
-egrep '^[^ #]' $MASTER_CONFIG >/dev/null || exit 0
+egrep '^[^ #]' $MASTER_CONFIG >/dev/null 2>&1 || exit 0
. /lib/lsb/init-functions
+as_user_userv () {
+ userv --override '
+ execute-from-path
+ no-suppress-args
+ ' $USER "$@"
+}
+
ssd () {
set +e
start-stop-daemon --start --quiet --user $USER --pidfile=$PIDFILE "$@"
chown $USER $pidfiledir
}
+dump_firewall () {
+ iptables -L -v -n
+}
+
+print_config () {
+ $AS_USER $DAEMON $HIPPOTATD_ARGS --print-config "$1"
+}
+
+check_firewall () {
+ vnetwork=$(print_config vnetwork)
+ if dump_firewall | fgrep " $vnetwork " >/dev/null; then :; else
+ log_failure_msg \
+ "no entry in firewall for insecure vnetwork $vnetwork"
+ exit 1
+ fi
+}
+
do_start () {
+ check_firewall
ensure_dirs
- ssd --chuid $USER --startas \
- $DAEMON --daemon --pidfile=$PIDFILE \
+ ssd --chuid $USER --startas \
+ $AUTHBIND $DAEMON --daemon --pidfile=$PIDFILE \
--syslog-facility=$LOGFACILITY $HIPPOTATD_ARGS
}
do_stop () {
case "$1" in
start)
- log_daemon_msg "Starting IP over HTTP server" hippotatd
+ log_daemon_msg "Starting $DESCRIPTION" hippotatd
do_start
log_end_msg $rc
;;
stop)
- log_daemon_msg "Stopping IP over HTTP server" hippotatd
+ log_daemon_msg "Stopping $DESCRIPTION" hippotatd
do_stop
log_end_msg $rc
;;
restart|force-reload)
- log_daemon_msg "Restarting IP over HTTP server" hippotatd
+ log_daemon_msg "Restarting $DESCRIPTION" hippotatd
do_stop
sleep 1
do_start