X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/786989941b7b4504f0234c4a318f929802e981ad..6c3803c4a52101bf4032912ae28e740423882382:/init/tripe-init.in
diff --git a/init/tripe-init.in b/init/tripe-init.in
index e3d835ac..d04f42f3 100755
--- a/init/tripe-init.in
+++ b/init/tripe-init.in
@@ -1,185 +1,244 @@ #! /bin/sh -# -# tripe init script -# suitable for direct use in most SysV-style inits +### +### tripe init script +### suitable for direct use in most SysV-style inits + +### BEGIN INIT INFO +# Provides: tripe +# Required-Start: $local_fs $remote_fs $named $network +# Required-Stop: $local_fs $remote_fs $network +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: tripe Virtual Private Network server +### END INIT INFO set -e -# --- Setup --- +###-------------------------------------------------------------------------- +### Configuration. [ -f @initconfig@ ] && . @initconfig@ + : ${prefix=@prefix@} ${exec_prefix=@exec_prefix@} : ${bindir=@bindir@} ${sbindir=@sbindir@} -: ${TRIPEDIR=@configdir@} ${tripesock=@socketdir@/tripesock} +: ${TRIPEDIR=@configdir@} ${TRIPESOCK=@socketdir@/tripesock} : ${pidfile=@pidfile@} : ${tripe=$sbindir/tripe} ${tripectl=$bindir/tripectl} + PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir -export PATH TRIPEDIR +export PATH TRIPEDIR TRIPESOCK TRIPE_SLIPIF + +###-------------------------------------------------------------------------- +### Pre-flight checks. -# --- Give up if there's no key --- +## Give up if there's no binary. +if test ! -x "$tripe" || test ! -x "$tripectl"; then + echo >&2 "Not starting/stopping TrIPE: binary files missing" + exit 0 +fi -if test ! -f $TRIPEDIR/keyring || test ! -f $TRIPEDIR/keyring.pub; then +## Give up if there's no key. +if test ! -f "$TRIPEDIR/keyring" || test ! -f "$TRIPEDIR/keyring.pub"; then echo >&2 "Not starting/stopping TrIPE: keyring files missing" exit 0 fi -# --- Check it will work, or at least stands a fighting chance --- -# -# Having loads of different tunnel types doesn't help any. 
- -test -x $tripe -a -x $tripectl || exit 0 - -case ${tunnel-`$tripe --tunnels | head -1`} in - linux) - case `uname -s` in - Linux) - if { test -f /proc/misc && grep -q net/tun /proc/misc; } || - modprobe -q tun; then - : good - else - echo >&2 "$tripe needs the Linux TUN/TAP driver to run." - exit 1 - fi - if test -c /dev/net/tun; then - : good - else - echo >&2 "$tripe needs /dev/net/tun, which is missing." - exit 1 - fi - ;; - *) - echo >&2 "CONFIGURATION ERROR" - echo >&2 " $tripe is compiled to use a Linux tunnel device, but" - echo >&2 " this system is `uname -s`" - exit 1 - ;; - esac +## Check it will work, or at least stands a fighting chance. +## +## (Having loads of different tunnel types doesn't help any.) +case ${tunnel-`$tripe --tunnels | head -1`},`uname -s` in + + ## Linux TUN/TAP. + linux,Linux) + if { test -f /proc/misc && grep -q tun /proc/misc; } || + modprobe -q tun; then + : good + else + echo >&2 "$tripe needs the Linux TUN/TAP driver to run." + exit 1 + fi + if test -c /dev/net/tun; then + : good + else + echo >&2 "$tripe needs /dev/net/tun, which is missing." + exit 1 + fi ;; - unet) - case `uname -s` in - Linux) - if { test -f /proc/devices && grep -q unet /proc/devices; } || - modprobe -q unet; then - : good - else - echo >&2 "$tripe needs the Linux UNET driver to run." - exit 1 - fi - if test -c /dev/unet; then - : good - else - echo >&2 "$tripe needs /dev/unet, which is missing." - exit 1 - fi - ;; - *) - echo >&2 "CONFIGURATION ERROR" - echo >&2 " $tripe is compiled to use a Linux tunnel device, but" - echo >&2 " this system is `uname -s`" - exit 1 - ;; - esac + + ## Linux Unet (obsolete). + unet,Linux) + if { test -f /proc/devices && grep -q unet /proc/devices; } || + modprobe -q unet; then + : good + else + echo >&2 "$tripe needs the Linux UNET driver to run." + exit 1 + fi + if test -c /dev/unet; then + : good + else + echo >&2 "$tripe needs /dev/unet, which is missing." 
+ exit 1 + fi ;; - bsd) - case `uname -s` in - *BSD) - # Don't know how to check the device is working. - if test -c /dev/tun0; then - : good - else - echo >&2 "$tripe needs /dev/tun0, which is missing." - exit 1 - fi - ;; - *) - echo >&2 "CONFIGURATION ERROR" - echo >&2 " $tripe is compiled to use a BSD tunnel device, but" - echo >&2 " this system is `uname -s`" - exit 1 - ;; - esac + + ## BSD tun. + bsd,*BSD) + ## Don't know how to check the device is working. Check the device file + ## exists and hope for the best. + if test -c /dev/tun0; then + : good + else + echo >&2 "$tripe needs /dev/tun0, which is missing." + exit 1 + fi ;; - slip) + + ## SLIP. + slip,*) if test "$TRIPE_SLIPIF" = ""; then echo >&2 "$tripe needs SLIP interfaces set up!" exit 1 fi ;; + + ## Various kinds of misconfiguration. + linux,* | unet,*) + echo >&2 "CONFIGURATION ERROR" + echo >&2 " $tripe is compiled to use a Linux tunnel device, but" + echo >&2 " this system is `uname -s`" + exit 1 + ;; + bsd,*) + echo >&2 "CONFIGURATION ERROR" + echo >&2 " $tripe is compiled to use a BSD tunnel device, but" + echo >&2 " this system is `uname -s`" + exit 1 + ;; esac - -# --- Do what was wanted --- + +###-------------------------------------------------------------------------- +### Do what was wanted. case "$1" in + start) echo -n "Starting TrIPE VPN daemon:" + + ## Check to see whether the daemon is already going. If it can respond + ## to a simple request, we'll assume that it is. if $tripectl version >/dev/null 2>/dev/null; then echo " already running" exit 0 fi + + ## Start the server, passing lots of arguments. $tripectl -D -s -p$tripe \ -f${logfile-@logfile@} \ -P$pidfile \ ${keytag+-S-t}$keytag \ ${addr+-S-b}$addr \ ${port+-S-p}${port} \ - ${user+-S-u}${user} \ - ${group+-S-g}${group} \ + ${user+-U}${user} \ + ${group+-G}${group} \ + ${sockmode+-S-m}${sockmode} \ ${trace+-S-T}${trace} \ ${tunnel+-S-n}${tunnel} \ ${miscopts} + + ## Wait for the server to start up. 
This doesn't usually take long. for i in 1 2 3 4 give-up; do $tripectl help >/dev/null 2>/dev/null && break sleep 1 done + if [ $i = give-up ]; then echo " wouldn't start" exit 1 fi + echo -n " tripe" - for i in $TRIPEDIR/peers/*; do + + ## Start up the ancillary services. + sep=" services [" end="" + [ -d $TRIPEDIR/services ] && for i in $TRIPEDIR/services/*; do + [ -x $i ] || continue + name=`basename $i` + case $name in *~|\#*) continue;; esac + if $i --daemon --startup; then + echo -n "$sep$name" + else + echo -n "$sep($name failed)" + fi + sep=" " end="]" + done + echo -n "$end" + + ## Start up the statically configured peers. + sep=" peers [" end="" + [ -d $TRIPEDIR/peers ] && for i in $TRIPEDIR/peers/*; do [ -x $i ] || continue name=`basename $i` case $name in *~|\#*) continue;; esac - if $i; then - echo -n " $name" + if $i; then + echo -n "$sep$name" else - echo -n " ($name failed)" + echo -n "$sep($name failed)" fi + sep=" " end="]" done - echo " done" + + ## Happy. + echo "$end done" ;; + stop) echo -n "Stopping TrIPE VPN daemon:" - if test ! -S $tripesock; then + + ## If there's no socket, it must have quit (probably nonviolently). + if (cd $TRIPEDIR && test ! -S $TRIPESOCK); then echo " not running" + + ## Ask it to die nicely. elif $tripectl quit >/dev/null 2>&1; then echo " done" + + ## If there's no pidfile then tripectl presumably deleted it. elif test ! -f $pidfile; then echo " stale socket found: removing" - rm -f $tripesock + rm -f $TRIPESOCK + + ## Otherwise kill the process unpleasantly. elif kill `cat $pidfile`; then echo " done (killed violently)" else - echo " it doesn't want do die!" + echo " it doesn't want to die!" exit 1 fi ;; + status) for i in `$tripectl list`; do echo "Peer \`$i':" $tripectl stats $i | sed 's/^/ /' done ;; + reload) $tripectl reload echo "Keyrings reloaded OK." 
;; + restart | force-reload) sh $0 stop sh $0 start ;; + *) echo >&2 "usage: $0 start|stop|restart|status|reload|force-reload" exit 1 ;; + esac + +###----- That's all, folks --------------------------------------------------
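Review bot: In the `stop)` arm the socket is now tested inside `(cd $TRIPEDIR && test ! -S $TRIPESOCK)`, which suggests `TRIPESOCK` may be relative to `$TRIPEDIR`, but the stale-socket branch still runs `rm -f $TRIPESOCK` from the script's own working directory. With a relative path that would miss the stale socket, or remove an unrelated file of the same name; mirroring the test keeps the two consistent: `(cd "$TRIPEDIR" && rm -f "$TRIPESOCK")`. The new `services` loop also leaves `$TRIPEDIR/services` and `$i` unquoted, although this commit quotes the binary and keyring checks; `[ -x "$i" ] || continue` and `if "$i" --daemon --startup; then` would match them. That loop runs every executable in the directory with the init script's privileges, so a comment such as `## $TRIPEDIR/services must be writable only by root: everything executable in it is run at startup.` would be worth adding above it.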