search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Provide support for enctype aliases for ease of use.
[heimdal.git] / debian / heimdal.init
blobc49fb4002de9bffb5b447c9abaf50327eed8da90
1 #! /bin/sh
2 ### BEGIN INIT INFO
3 # Provides: heimdal-kdc
4 # Required-Start: $remote_fs $syslog
5 # Required-Stop: $remote_fs $syslog
6 # Default-Start: 2 3 4 5
7 # Default-Stop: 0 1 6
8 # Short-Description: Start KDC server
9 ### END INIT INFO
10
11 BIN_DIRECTORY=/opt/heimdal/bin
12 SBIN_DIRECTORY=/opt/heimdal/sbin
13 DAEMON_DIRECTORY=/opt/heimdal/libexec
14 CONFIG_DIRECTORY=/etc/opt/heimdal
15 MASTER_FILE=$CONFIG_DIRECTORY/master
16
17 PATH=$SBIN_DIRECTORY:$BIN_DIRECTORY:/sbin:/bin:/usr/sbin:/usr/bin
18 KDC_DAEMON=$DAEMON_DIRECTORY/kdc
19 KDC_NAME=heimdal-kdc
20 KDC_DESC="Heimdal KDC"
21 KPASSWDD_DAEMON=$DAEMON_DIRECTORY/kpasswdd
22 KPASSWDD_NAME=kpasswdd
23 KPASSWDD_DESC="Heimdal password server"
24 KPASSWDD_ENABLED=no
25
26 IPROP_MASTER=$DAEMON_DIRECTORY/ipropd-master
27 IPROP_SLAVE=$DAEMON_DIRECTORY/ipropd-slave
28 MASTER_NAME=ipropd-master
29 SLAVE_NAME=ipropd-slave
30
31 # On the master, these are created via local kadmin or krb5_admin
32 # before the KDC starts. On slaves, these are created via krb5_admin
33 # against the running master, before the slave is ready to run!
34 #
35 # So if these are missing, whether we're master or slave, the KDC is
36 # not ready for prime-time. If these are present, odds are good we've
37 # a reasonable Kerberos database for our clients.
38 #
39 REQUIRED_SPRINCS="host iprop krb5_admin"
40
41 if [ -f "/etc/default/heimdal" ] ; then
42 . /etc/default/heimdal
43 fi
44
45 test -f $KDC_DAEMON || exit 0
46 test -f $KPASSWDD_DAEMON || exit 0
47
48 # Need the FQDN of this host to construct database readiness queries
49 # and to determine whether we're the master.
50 #
51 FQDN=$(uname -n)
52
53 lookup_princ() {
54 kadmin -l list -s -o principal= "$1" 2>/dev/null | egrep -v '^$'
55 }
56
57 # Test for the requird service principals, allow for the possibility
58 # that "kadmin -l list" may change to append the default realm to terse
59 # output in the future.
60 #
61 for sprinc in $REQUIRED_SPRINCS
62 do
63 kdcent=$(lookup_princ "$sprinc/$FQDN") &&
64 [ "${kdcent%@*}" = "$sprinc/$FQDN" ] || { KDC_ENABLED="no"; break; }
65 done
66
67 # Check to see whether we're the master.
68 #
69 MFQDN=
70 [ ! -f "$MASTER_FILE" ] || {
71 MFQDN=$(awk '/^(#|[ \t]*$)/ {next}; {print; exit}' "$MASTER_FILE")
72 }
73 if [ -z "$MFQDN" ]; then MASTER_ENABLED=no; SLAVE_ENABLED=no;
74 elif [ "$MFQDN" = "$(uname -n)" ]; then MASTER_ENABLED=yes; SLAVE_ENABLED=no;
75 else MASTER_ENABLED=no; SLAVE_ENABLED=yes; fi
76
77 # Only run kpasswdd on the master!
78 #
79 if [ "$KDC_ENABLED" != "yes" -o "$MASTER_ENABLED" != "yes" ]; then
80 KPASSWDD_ENABLED="no"
81 fi
82
83 # commented out due to bug #574425.
84 # set -e
85
86 case "$1" in
87 start)
88 if [ "$KDC_ENABLED" = "yes" ];
89 then
90 echo -n "Starting $KDC_DESC: "
91 start-stop-daemon --start --quiet --background \
92 --make-pidfile --pidfile /var/run/$KDC_NAME.pid \
93 --exec $KDC_DAEMON -- $KDC_PARAMS
94 echo "$KDC_NAME."
95 fi
96 if [ "$KPASSWDD_ENABLED" = "yes" ];
97 then
98 echo -n "Starting $KPASSWDD_DESC: "
99 start-stop-daemon --start --quiet --background \
100 --make-pidfile --pidfile /var/run/$KPASSWDD_NAME.pid \
101 --exec $KPASSWDD_DAEMON -- $KPASSWDD_PARAMS
102 echo "$KPASSWDD_NAME."
103 fi
104 if [ "$MASTER_ENABLED" = "yes" ];
105 then
106 echo -n "Starting incremental propagation master: "
107 start-stop-daemon --start --quiet --background \
108 --make-pidfile --pidfile /var/run/$MASTER_NAME.pid \
109 --exec "$IPROP_MASTER" -- $MASTER_PARAMS
110 echo "$MASTER_NAME."
111 fi
112 if [ "$SLAVE_ENABLED" = "yes" ];
113 then
114 echo -n "Starting incremental propagation slave: "
115 start-stop-daemon --start --quiet --background \
116 --make-pidfile --pidfile /var/run/$SLAVE_NAME.pid \
117 --exec "$IPROP_SLAVE" -- $SLAVE_PARAMS "$MFQDN"
118 echo "$SLAVE_NAME."
119 fi
120 ;;
121 stop)
122 if [ -f /var/run/$KPASSWDD_NAME.pid ]
123 then
124 echo -n "Stopping $KPASSWDD_DESC: "
125 start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/$KPASSWDD_NAME.pid \
126 --exec $KPASSWDD_DAEMON -- $KPASSWDD_PARAMS
127 echo "$KPASSWDD_NAME."
128 fi
129 if [ -f /var/run/$KDC_NAME.pid ]
130 then
131 echo -n "Stopping $KDC_DESC: "
132 start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/$KDC_NAME.pid \
133 --exec $KDC_DAEMON -- $KDC_PARAMS
134 echo "$KDC_NAME."
135 fi
136 if [ -f /var/run/$MASTER_NAME.pid ]
137 then
138 echo -n "Stopping incremental propagation master: "
139 start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/$MASTER_NAME.pid \
140 --exec "$IPROP_MASTER" -- $MASTER_PARAMS
141 echo "$MASTER_NAME."
142 fi
143 if [ -f /var/run/$SLAVE_NAME.pid ]
144 then
145 echo -n "Stopping incremental propagation slave: "
146 start-stop-daemon --stop --oknodo --quiet --pidfile /var/run/$SLAVE_NAME.pid \
147 --exec "$IPROP_SLAVE" -- $SLAVE_PARAMS
148 echo "/usr/sbin/$SLAVE_NAME."
149 fi
150 ;;
151 #reload)
152 #
153 # If the daemon can reload its config files on the fly
154 # for example by sending it SIGHUP, do it here.
155 #
156 # If the daemon responds to changes in its config file
157 # directly anyway, make this a do-nothing entry.
158 #
159 # echo "Reloading $DESC configuration files."
160 # start-stop-daemon --stop --signal 1 --quiet --pidfile \
161 # /var/run/$NAME.pid --exec $DAEMON
162 #;;
163 restart|force-reload)
164 #
165 # If the "reload" option is implemented, move the "force-reload"
166 # option to the "reload" entry above. If not, "force-reload" is
167 # just the same as "restart".
168 #
169 /etc/init.d/heimdal stop
170 sleep 1
171 /etc/init.d/heimdal start
172 ;;
173 *)
174 N=/etc/init.d/$NAME
175 # echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2
176 echo "Usage: $N {start|stop|restart|force-reload}" >&2
177 exit 1
178 ;;
179 esac
180
181 exit 0
Heimdal