| 1 | #! /bin/sh |
| 2 | |
| 3 | ### BEGIN INIT INFO |
| 4 | # Provides: tunnel |
| 5 | # Required-Start: $remote_fs $syslog |
| 6 | # Required-Stop: $remote_fs $syslog |
| 7 | # Default-Start: 2 3 4 5 |
| 8 | # Default-Stop: 0 1 6 |
| 9 | # Short-Description: Outbound SSH tunnels |
| 10 | # Description: This script starts or stops the outbound SSH tunnels |
| 11 | # maintained by the `tunnel' user. |
| 12 | ### END INIT INFO |
| 13 | |
| 14 | # Author: Mark Wooding <mdw@distorted.org.uk> |
| 15 | |
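## Initial configuration.
##
## This script is run by init, so everything below executes as root until
## `sudo' drops to $TUNUSER.  /etc/default/tunnel is sourced as root and must
## therefore be writable only by root.
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="outbound SSH tunnels"
TUNUSER=tunnel
RUN=/var/run/$TUNUSER

## Local overrides.  RUN was computed above from the default TUNUSER, so a
## defaults file which changes TUNUSER must also set RUN if the state
## directory is meant to follow.
if [ -f /etc/default/tunnel ]; then . /etc/default/tunnel; fi

## Fill in whatever is still unset.  The expansions are quoted so that the
## values are not field-split and globbed merely to be discarded by `:'.
: "${TUNHOME=$(getent passwd "$TUNUSER" | cut -d: -f6)}"
: "${TUNGROUP=$(id -g "$TUNUSER")}"

## Quietly do nothing if the driver script is not installed.  An empty
## TUNHOME (for example, because the user does not exist) is rejected
## explicitly: otherwise the paths below would resolve to `/bin/outbound'
## and `/.ssh/config'.
if [ -z "$TUNHOME" ] || [ ! -x "$TUNHOME/bin/outbound" ]; then exit 0; fi

## Default host list: the argument of every `Host' line in the tunnel user's
## SSH configuration, with surrounding whitespace trimmed.  A one-character
## argument of `*' is skipped; longer arguments are kept as they are, even
## if they contain wildcards or several space-separated names.  (`\+' and
## `\|' are GNU sed extensions to basic regular expressions.)
##
## This file belongs to an unprivileged user but is read here as root, so
## treat the resulting names as untrusted data: they must only ever be
## passed on as quoted arguments, never evaluated.
: "${tunnels=$(sed -n \
  '/^Host[[:space:]]\+\([^[:space:]*]\|[^[:space:]].*[^[:space:]]\)[[:space:]]*$/s//\1/p' \
  "$TUNHOME/.ssh/config")}"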
| 28 | |
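## Scan the command-line.
##
## The first argument is the operation.  If no hosts follow it, the
## positional parameters are replaced by the default list in $tunnels.
case "$#" in
  0) op=none ;;
  1)
    op=$1; shift
    ## Splitting $tunnels on whitespace is deliberate, but pathname
    ## expansion is not: the names come from the tunnel user's SSH
    ## configuration, and a pattern such as `*.example.org' would otherwise
    ## be matched against files in root's current directory.
    set -f
    set -- $tunnels
    set +f
    ;;
  *) op=$1; shift ;;
esac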
| 35 | |
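## Make sure that the runtime state directory exists.  If not, create it with
## sensible permissions.  Don't override permissions if it already exists,
## because presumably the administrator has fiddled them deliberately.
##
## Each step is checked: carrying on after a failure would leave the
## per-host script running in whatever directory init started us in.
## NOTE(review): the mkdir/chown pair assumes that the parent of $RUN is
## writable only by root, as /var/run normally is -- confirm if RUN is
## overridden in /etc/default/tunnel.
if [ ! -d "$RUN" ]; then
  mkdir -m755 "$RUN" || exit 1
  chown "$TUNUSER:$TUNGROUP" "$RUN" || exit 1
fi
cd "$RUN" || exit 1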
| 44 | |
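## Utility to run the per-host script.
##
## Arguments: passed through unchanged to $TUNHOME/bin/outbound (the callers
##            in this file give an operation and a host name).
## Returns:   the exit status of sudo.
##
## The script is run as $TUNUSER rather than as root.  The user name is given
## as a separate word and sudo's options are ended with `--': in the attached
## form `-u"$TUNUSER"', an empty TUNUSER would make sudo take the script path
## as the user name.
run_outbound () {
  sudo -u "$TUNUSER" -- "$TUNHOME/bin/outbound" "$@"
}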
| 47 | |
## Utilities for doing things to individual hosts.
##
## Each takes one argument, the host name, and hands it to the per-host
## script through run_outbound.  The exit status is that of the last
## run_outbound call made.
start () {
  run_outbound start "$1"
}

stop () {
  run_outbound stop "$1"
}

## Restart is simply a stop followed by a start; the start is attempted
## whether or not the stop succeeded.
restart () {
  stop "$1"
  start "$1"
}
| 52 | |
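## Higher-order iterator to process a list of hosts.
##
## Arguments: $1    - present participle for the progress line (`Starting')
##            $2    - name of the function to call on each host
##            $3... - the hosts
## Globals:   DESC (read); whatting, what and i are overwritten, since
##            POSIX sh has no local variables.
## Outputs:   one progress line, `$1 $DESC: host host ... .', on stdout.
##
## The result of each per-host call is not checked; the function returns
## the status of the final printf.
##
## printf is used rather than `echo -n': the latter is not portable under
## /bin/sh, and some implementations expand backslash escapes in the text,
## which here includes host names taken from the tunnel user's SSH
## configuration.
foreach () {
  whatting=$1 what=$2; shift 2
  printf '%s %s:' "$whatting" "$DESC"
  for i in "$@"; do
    "$what" "$i"
    printf ' %s' "$i"
  done
  printf '.\n'
}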
| 63 | |
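## Main dispatch.
##
## By this point $op holds the operation and the positional parameters hold
## the hosts to act on.  Anything unrecognized (including `none', which is
## set when no arguments were given) prints the usage message and exits 1.
case "$op" in
  start) foreach "Starting" start "$@" ;;
  stop) foreach "Stopping" stop "$@" ;;
  restart | force-reload) foreach "Restarting" restart "$@" ;;
  status)
    for i in "$@"; do
      ## printf rather than `echo -n', which is not portable under /bin/sh
      ## and may expand backslash escapes in the host name.
      printf '%s: ' "$i"
      run_outbound status "$i"
    done
    ;;
  *)
    echo >&2 "usage: $0 {start|stop|restart|status} [HOST ...]"
    exit 1
    ;;
esac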