mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-26 02:20:51 +01:00
9d62501fd8
Note that `rc' and `rc.shutdown' could not be imported because we already have files with those names.
587 lines
13 KiB
Plaintext
587 lines
13 KiB
Plaintext
# $NetBSD: rc.subr,v 1.28 2000/11/06 00:08:30 lukem Exp $
|
|
#
|
|
# Copyright (c) 1997-2000 The NetBSD Foundation, Inc.
|
|
# All rights reserved.
|
|
#
|
|
# This code is derived from software contributed to The NetBSD Foundation
|
|
# by Luke Mewburn.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions
|
|
# are met:
|
|
# 1. Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# 2. Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
# 3. All advertising materials mentioning features or use of this software
|
|
# must display the following acknowledgement:
|
|
# This product includes software developed by the NetBSD
|
|
# Foundation, Inc. and its contributors.
|
|
# 4. Neither the name of The NetBSD Foundation nor the names of its
|
|
# contributors may be used to endorse or promote products derived
|
|
# from this software without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
|
|
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
|
|
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
|
|
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
|
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
|
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
|
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
|
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
# POSSIBILITY OF SUCH DAMAGE.
|
|
#
|
|
# rc.subr
|
|
# functions used by various rc scripts
|
|
#
|
|
|
|
#
|
|
# functions
|
|
# ---------
|
|
|
|
#
|
|
# checkyesno var
|
|
# Test $1 variable, and warn if not set to YES or NO.
|
|
# Return 0 if it's "yes" (et al), nonzero otherwise.
|
|
#
|
|
checkyesno()
|
|
{
|
|
eval _value=\$${1}
|
|
case $_value in
|
|
|
|
# "yes", "true", "on", or "1"
|
|
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
|
return 0
|
|
;;
|
|
|
|
# "no", "false", "off", or "0"
|
|
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
|
|
return 1
|
|
;;
|
|
*)
|
|
warn "\$${1} is not set properly."
|
|
return 1
|
|
;;
|
|
esac
|
|
}
|
|
|
|
#
|
|
# mount_critical_filesystems
|
|
# Go through the list of critical filesystems, checking each one
|
|
# to see if it is mounted, and if it is not, mounting it.
|
|
#
|
|
mount_critical_filesystems()
|
|
{
|
|
if [ $1 = local ]; then
|
|
_fslist=$critical_filesystems_beforenet
|
|
else
|
|
_fslist=$critical_filesystems
|
|
fi
|
|
for _fs in $_fslist; do
|
|
mount | (
|
|
_ismounted=no
|
|
while read what _on on _type type; do
|
|
if [ $on = $_fs ]; then
|
|
_ismounted=yes
|
|
fi
|
|
done
|
|
if [ $_ismounted = no ]; then
|
|
mount $_fs >/dev/null 2>&1
|
|
fi
|
|
)
|
|
done
|
|
}
|
|
|
|
#
|
|
# check_pidfile pidfile procname
|
|
# Parses the first line of pidfile for a pid, and ensures
|
|
# that the process is running and matches procname.
|
|
# Prints the matching pid upon success, nothing otherwise.
|
|
#
|
|
check_pidfile()
|
|
{
|
|
_pidfile=$1
|
|
_procname=$2
|
|
if [ -z "$_pidfile" -o -z "$_procname" ]; then
|
|
err 3 'USAGE: check_pidfile pidfile procname'
|
|
fi
|
|
if [ ! -f $_pidfile ]; then
|
|
return
|
|
fi
|
|
read _pid _junk < $_pidfile
|
|
if [ -z "$_pid" ]; then
|
|
return
|
|
fi
|
|
_procnamebn=${_procname##*/}
|
|
ps -p $_pid -o 'pid,command' | while read _npid _arg0 _argv; do
|
|
if [ "$_npid" = "PID" ]; then
|
|
continue
|
|
fi
|
|
if [ "$_arg0" = "$_procname" \
|
|
-o "$_arg0" = "$_procnamebn" \
|
|
-o "$_arg0" = "${_procnamebn}:" \
|
|
-o "$_arg0" = "(${_procnamebn})" ]; then
|
|
echo $_npid
|
|
return
|
|
fi
|
|
done
|
|
}
|
|
|
|
#
|
|
# check_process procname
|
|
# Ensures that a process (or processes) named procname is running.
|
|
# Prints a list of matching pids.
|
|
#
|
|
check_process()
|
|
{
|
|
_procname=$1
|
|
if [ -z "$_procname" ]; then
|
|
err 3 'USAGE: check_process procname'
|
|
fi
|
|
_procnamebn=${_procname##*/}
|
|
_pref=
|
|
ps -ax -o 'pid,command' | while read _npid _arg0 _argv; do
|
|
if [ "$_npid" = "PID" ]; then
|
|
continue
|
|
fi
|
|
if [ "$_arg0" = "$_procname" \
|
|
-o "$_arg0" = "$_procnamebn" \
|
|
-o "$_arg0" = "${_procnamebn}:" \
|
|
-o "$_arg0" = "(${_procnamebn})" ]; then
|
|
echo -n "$_pref$_npid"
|
|
_pref=" "
|
|
fi
|
|
done
|
|
}
|
|
|
|
#
|
|
# run_rc_command arg
|
|
# Search for arg in the list of supported commands, which is:
|
|
# "start stop restart rcvar status ${extra_commands}"
|
|
# If there's a match, run ${arg}_cmd or the default command (see below).
|
|
#
|
|
# If arg has a given prefix, then change the operation as follows:
|
|
# prefix operation
|
|
# ------ ---------
|
|
# fast Skip the pid check.
|
|
# force Set ${rcvar} to YES.
|
|
#
|
|
# The following globals are used:
|
|
#
|
|
# name needed function
|
|
# ---- ------ --------
|
|
# name y Name of script.
|
|
#
|
|
# command n Full path to command.
|
|
# Not needed if ${arg}_cmd is set for
|
|
# each keyword.
|
|
#
|
|
# command_args n Optional args/shell directives for command.
|
|
#
|
|
# extra_commands n List of extra commands supported.
|
|
#
|
|
# pidfile n If set, use check_pidfile $pidfile, else if
|
|
# $command is set, use check_process $command.
|
|
#
|
|
# rcvar n This is checked with checkyesno to determine
|
|
# if the action should be run.
|
|
#
|
|
# ${name}_chroot n Directory to chroot to before running ${command}
|
|
#
|
|
# ${name}_chdir n Directory to cd to before running ${command}
|
|
# (if not using ${name}_chroot).
|
|
#
|
|
# ${name}_flags n Arguments to call ${command} with.
|
|
# NOTE: $flags from the parent environment
|
|
# can be used to override this.
|
|
#
|
|
# ${name}_nice n Nice level to run ${command} at.
|
|
#
|
|
# ${name}_user n User to run ${command} as, using su(1) if not
|
|
# using ${name}_chroot.
|
|
#
|
|
# ${name}_group n Group to run chrooted ${command} as.
|
|
#
|
|
# ${name}_groups n Supplementary group list to run chrooted
|
|
# ${command} with.
|
|
#
|
|
# ${_arg}_cmd n If set, use this as the action when invoked;
|
|
# $_arg is available to the action to use.
|
|
# Otherwise, use default command (see below)
|
|
#
|
|
# ${_arg}_precmd n If set, run just before performing the main
|
|
# action in the default command (i.e, after
|
|
# checking for required bits and process
|
|
# (non)existance).
|
|
# If this completes with a non-zero exit code,
|
|
# don't run ${_arg}_cmd.
|
|
#
|
|
# required_dirs n If set, check for the existence of the given
|
|
# directories before running the default
|
|
# (re)start command.
|
|
#
|
|
# required_files n If set, check for the readability of the given
|
|
# files before running the default (re)start
|
|
# command.
|
|
#
|
|
# required_vars n If set, perform checkyesno on each of the
|
|
# listed variables before running the default
|
|
# (re)start command.
|
|
#
|
|
# Default commands for a given arg:
|
|
#
|
|
# arg default
|
|
# --- -------
|
|
# status Show if ${command} is running, etc.
|
|
#
|
|
# start if !running && checkyesno ${rcvar}
|
|
# ${command}
|
|
#
|
|
# stop if ${pidfile}
|
|
# kill $sig_stop `check_pidfile $pidfile`
|
|
# else
|
|
# kill $sig_stop `check_process $command`
|
|
# $sig_stop defaults to TERM.
|
|
#
|
|
# reload As stop, except use $sig_reload instead.
|
|
# $sig_reload defaults to HUP.
|
|
#
|
|
# restart Run `stop' then `start'.
|
|
#
|
|
#
|
|
run_rc_command()
|
|
{
|
|
_arg=$1
|
|
if [ -z "$name" ]; then
|
|
err 3 '$name is not set.'
|
|
fi
|
|
|
|
case "$_arg" in
|
|
fast*) # "fast" prefix; don't check pid
|
|
_arg=${_arg#fast}
|
|
_rc_fast_run=YES
|
|
;;
|
|
force*) # "force prefix; always start
|
|
_arg=${_arg#force}
|
|
_rc_force_run=YES
|
|
if [ -n "${rcvar}" ]; then
|
|
eval ${rcvar}=YES
|
|
fi
|
|
;;
|
|
esac
|
|
|
|
_keywords="start stop restart rcvar $extra_commands"
|
|
_pid=
|
|
_pidcmd=
|
|
# setup pid check command if not fast
|
|
if [ -z "$_rc_fast_run" ]; then
|
|
if [ -n "$pidfile" ]; then
|
|
_pidcmd='_pid=`check_pidfile '$pidfile' '$command'`'
|
|
elif [ -n "$command" ]; then
|
|
_pidcmd='_pid=`check_process '$command'`'
|
|
fi
|
|
if [ -n "$_pidcmd" ]; then
|
|
_keywords="${_keywords} status"
|
|
fi
|
|
fi
|
|
|
|
if [ -z "$_arg" ]; then
|
|
rc_usage "$_keywords"
|
|
fi
|
|
|
|
if [ -n "$flags" ]; then # allow override from environment
|
|
_flags=$flags
|
|
else
|
|
eval _flags=\$${name}_flags
|
|
fi
|
|
eval _chdir=\$${name}_chdir
|
|
eval _chroot=\$${name}_chroot
|
|
eval _nice=\$${name}_nice
|
|
eval _user=\$${name}_user
|
|
eval _group=\$${name}_group
|
|
eval _groups=\$${name}_groups
|
|
|
|
# if ${rcvar} is set, and $1 is not
|
|
# "rcvar" or "status", then run
|
|
# checkyesno ${rcvar}
|
|
# and return if that failed
|
|
#
|
|
if [ -n "${rcvar}" -a "$_arg" != "rcvar" -a "$_arg" != "status" ]; then
|
|
if ! checkyesno ${rcvar}; then
|
|
return 0
|
|
fi
|
|
fi
|
|
|
|
eval $_pidcmd # determine the pid if necessary
|
|
|
|
for _elem in $_keywords; do
|
|
if [ "$_elem" != "$_arg" ]; then
|
|
continue
|
|
fi
|
|
|
|
# if there's a custom ${XXX_cmd},
|
|
# run that instead of the default
|
|
#
|
|
eval _cmd=\$${_arg}_cmd
|
|
eval _precmd=\$${_arg}_precmd
|
|
if [ -n "$_cmd" ]; then
|
|
# if the precmd failed and force
|
|
# isn't set, exit
|
|
#
|
|
if ! eval $_precmd && [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
|
|
eval $_cmd
|
|
return 0
|
|
fi
|
|
|
|
case "$_arg" in # default operations...
|
|
|
|
status)
|
|
if [ -n "$_pid" ]; then
|
|
echo "${name} is running as pid $_pid."
|
|
else
|
|
echo "${name} is not running."
|
|
return 1
|
|
fi
|
|
;;
|
|
|
|
start)
|
|
if [ -n "$_pid" ]; then
|
|
echo "${name} already running? (pid=$_pid)."
|
|
exit 1
|
|
fi
|
|
|
|
if [ ! -x $command ]; then
|
|
return 0
|
|
fi
|
|
|
|
# check for required variables,
|
|
# directories, and files
|
|
#
|
|
for _f in $required_vars; do
|
|
if ! checkyesno $_f; then
|
|
warn "\$${_f} is not set."
|
|
if [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
for _f in $required_dirs; do
|
|
if [ ! -d "${_f}/." ]; then
|
|
warn "${_f} is not a directory."
|
|
if [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
for _f in $required_files; do
|
|
if [ ! -r "${_f}" ]; then
|
|
warn "${_f} is not readable."
|
|
if [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
fi
|
|
done
|
|
|
|
# if the precmd failed and force
|
|
# isn't set, exit
|
|
#
|
|
if ! eval $_precmd && [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
|
|
|
|
# setup the command to run, and run it
|
|
#
|
|
echo "Starting ${name}."
|
|
if [ -n "$_chroot" ]; then
|
|
_doit="\
|
|
${_nice:+nice -n $_nice }\
|
|
chroot ${_user:+-u $_user }${_group:+-g $_group }${_groups:+-G $_groups }\
|
|
$_chroot $command $_flags $command_args"
|
|
else
|
|
_doit="\
|
|
${_user:+su -m $_user -c 'sh -c \"}\
|
|
${_chdir:+cd $_chdir; }\
|
|
${_nice:+nice -n $_nice }\
|
|
$command $_flags $command_args\
|
|
${_user:+\"'}"
|
|
fi
|
|
eval $_doit
|
|
;;
|
|
|
|
stop)
|
|
if [ -z "$_pid" ]; then
|
|
if [ -n "$pidfile" ]; then
|
|
echo \
|
|
"${name} not running? (check $pidfile)."
|
|
else
|
|
echo "${name} not running?"
|
|
fi
|
|
exit 1
|
|
fi
|
|
|
|
if ! eval $_precmd && [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
echo "Stopping ${name}."
|
|
_doit=\
|
|
"${_user:+su -m $_user -c '}kill -${sig_stop:-TERM} $_pid${_user:+'}"
|
|
eval $_doit
|
|
;;
|
|
|
|
reload)
|
|
if [ -z "$_pid" ]; then
|
|
if [ -n "$pidfile" ]; then
|
|
echo \
|
|
"${name} not running? (check $pidfile)."
|
|
else
|
|
echo "${name} not running?"
|
|
fi
|
|
exit 1
|
|
fi
|
|
echo "Reloading ${name} config files."
|
|
if ! eval $_precmd && [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
_doit=\
|
|
"${_user:+su -m $_user -c '}kill -${sig_reload:-HUP} $_pid${_user:+'}"
|
|
eval $_doit
|
|
;;
|
|
|
|
restart)
|
|
if ! eval $_precmd && [ -z "$_rc_force_run" ]; then
|
|
return 1
|
|
fi
|
|
# prevent restart being called more
|
|
# than once by any given script
|
|
#
|
|
if [ -n "$_rc_restart_done" ]; then
|
|
return 0
|
|
fi
|
|
_rc_restart_done=YES
|
|
( $0 ${_rc_force_run:+force}stop )
|
|
sleep 1
|
|
$0 ${_rc_force_run:+force}start
|
|
|
|
;;
|
|
|
|
rcvar)
|
|
echo "# $name"
|
|
if [ -n "$rcvar" ]; then
|
|
if checkyesno ${rcvar}; then
|
|
echo "\$${rcvar}=YES"
|
|
else
|
|
echo "\$${rcvar}=NO"
|
|
fi
|
|
fi
|
|
;;
|
|
|
|
*)
|
|
rc_usage "$_keywords"
|
|
;;
|
|
|
|
esac
|
|
return 0
|
|
done
|
|
|
|
echo 1>&2 "$0: unknown directive '$_arg'."
|
|
rc_usage "$_keywords"
|
|
exit 1
|
|
}
|
|
|
|
#
|
|
# run_rc_script file arg
|
|
# Start the script `file' with `arg', and correctly handle the
|
|
# return value from the script. If `file' ends with `.sh', it's
|
|
# sourced into the current environment. Otherwise it's run as
|
|
# a child process.
|
|
#
|
|
# Note: because `.sh' files are sourced into the current environment
|
|
# run_rc_command shouldn't be used because its difficult to ensure
|
|
# that the global variable state before and after the sourcing of
|
|
# the .sh file won't adversely affect other scripts.
|
|
#
|
|
run_rc_script()
|
|
{
|
|
_file=$1
|
|
_arg=$2
|
|
if [ -z "$_file" -o -z "$_arg" ]; then
|
|
err 3 'USAGE: run_rc_script file arg'
|
|
fi
|
|
|
|
case "$_file" in
|
|
*.sh) # run in current shell
|
|
set $_arg ; . $_file
|
|
;;
|
|
*) # run in subshell
|
|
( set $_arg ; . $_file )
|
|
;;
|
|
esac
|
|
}
|
|
|
|
#
|
|
# load_rc_config
|
|
# Source in the configuration file for a given command.
|
|
#
|
|
load_rc_config()
|
|
{
|
|
_command=$1
|
|
if [ -z "$_command" ]; then
|
|
err 3 'USAGE: load_rc_config command'
|
|
fi
|
|
|
|
. /etc/rc.conf
|
|
if [ -f /etc/rc.conf.d/"$_command" ]; then
|
|
. /etc/rc.conf.d/"$_command"
|
|
fi
|
|
}
|
|
|
|
|
|
#
|
|
# rc_usage commands
|
|
# Print a usage string for $0, with `commands' being a list of
|
|
# valid commands.
|
|
#
|
|
rc_usage()
|
|
{
|
|
echo -n 1>&2 "Usage: $0 [fast|force]("
|
|
|
|
_sep=
|
|
for _elem in $*; do
|
|
echo -n 1>&2 "$_sep$_elem"
|
|
_sep="|"
|
|
done
|
|
echo 1>&2 ")"
|
|
exit 1
|
|
}
|
|
|
|
#
|
|
# err exitval message
|
|
# Display message to stderr and log to the syslog, and exit with exitval.
|
|
#
|
|
err()
|
|
{
|
|
exitval=$1
|
|
shift
|
|
|
|
logger "$0: ERROR: $*"
|
|
echo 1>&2 "$0: ERROR: $*"
|
|
exit $exitval
|
|
}
|
|
|
|
#
|
|
# warn message
|
|
# Display message to stderr and log to the syslog.
|
|
#
|
|
warn()
|
|
{
|
|
logger "$0: WARNING: $*"
|
|
echo 1>&2 "$0: WARNING: $*"
|
|
}
|