File strongswan.init.in of Package strongswan

#!/bin/bash
#
#     SUSE/LSB system startup script for strongswan ipsec
#
#     Copyright (C) 2007 Marius Tomaschewski, SUSE / Novell Inc.
#     based on /etc/init.d/skeleton.compat by Kurt Garloff.
#
#     This library is free software; you can redistribute it and/or modify it
#     under the terms of the GNU Lesser General Public License as published by
#     the Free Software Foundation; either version 2.1 of the License, or (at
#     your option) any later version.
#
#     This library is distributed in the hope that it will be useful, but
#     WITHOUT ANY WARRANTY; without even the implied warranty of
#     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
#     Lesser General Public License for more details.
#
#     You should have received a copy of the GNU Lesser General Public
#     License along with this library; if not, write to the Free Software
#     Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
#     USA.
#
# /etc/init.d/ipsec
#     and its symbolic link
# /usr/sbin/rcipsec
#
# LSB compatible service control script; see http://www.linuxbase.org/spec/
# Please send feedback to http://www.suse.de/feedback/
#
# Note: This script uses functions rc_XXX defined in /etc/rc.status on
# UnitedLinux/SUSE/Novell based Linux distributions. However, it shoule
# work on other distributions as well, by using the LSB (Linux Standard
# Base) or RH functions or by open coding the needed functions.
#
# chkconfig: 345 99 00
# description: StrongSwan IPsec
#
### BEGIN INIT INFO
# Provides:          ipsec
# Required-Start:    $syslog $remote_fs $named
# Should-Start:      $time
# Required-Stop:     $syslog $remote_fs $named
# Should-Stop:       $time
# Default-Start:     3 5
# Default-Stop:      0 1 2 6
# Short-Description: StrongSwan IPsec
# Description:       StrongSwan IPsec provides encrypted and authenticated
#	communication via a unsafe network, such as the internet.
#	This scripts loads the kernel modules and starts the user-space setup.
### END INIT INFO


# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
IPSEC_CMD="/usr/sbin/ipsec"
test -x $IPSEC_CMD || {
	echo "$IPSEC_CMD not installed";
	if [ "$1" = "stop" ]; then exit 0; else exit 5; fi;
}
IPSEC_STARTER="@libexecdir@/ipsec/starter"
test -x $IPSEC_STARTER || { 
        echo "$IPSEC_STARTER not installed";   
        if [ "$1" = "stop" ]; then exit 0; else exit 5; fi;
}

# The pid file of the ipsec starter
IPSEC_PIDFILE="/var/run/starter.pid"

# Check for existence of needed config files
IPSEC_CONFIG="/etc/ipsec.conf"
test -r $IPSEC_CONFIG || {
	echo "$IPSEC_CONFIG not existing";
	if [ "$1" = "stop" ]; then exit 0; else exit 6; fi;
}
IPSEC_SECRET="/etc/ipsec.secrets"
test -r $IPSEC_SECRET || {
	echo "$IPSEC_SECRET not existing";
	if [ "$1" = "stop" ]; then exit 0; else exit 6; fi;
}

# Source LSB init functions
# providing start_daemon, killproc, pidofproc, 
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions

# Shell functions sourced from /etc/rc.status:
#      rc_check         check and set local and overall rc status
#      rc_status        check and set local and overall rc status
#      rc_status -v     be verbose in local rc status and clear it afterwards
#      rc_status -v -r  ditto and clear both the local and overall rc status
#      rc_status -s     display "skipped" and exit with status 3
#      rc_status -u     display "unused" and exit with status 3
#      rc_failed        set local and overall rc status to failed
#      rc_failed <num>  set local and overall rc status to <num>
#      rc_reset         clear both the local and overall rc status
#      rc_exit          exit appropriate to overall rc status
#      rc_active        checks whether a service is activated by symlinks

# Use the SUSE rc_ init script functions;
# emulate them on LSB, RH and other systems

# Default: Assume sysvinit binaries exist
start_daemon() { /sbin/start_daemon ${1+"$@"}; }
killproc()     { /sbin/killproc     ${1+"$@"}; }
pidofproc()    { /sbin/pidofproc    ${1+"$@"}; }
checkproc()    { /sbin/checkproc    ${1+"$@"}; }
if test -e /etc/rc.status; then
    # SUSE rc script library
    . /etc/rc.status
else
    export LC_ALL=POSIX
    _cmd=$1
    declare -a _SMSG
    if test "${_cmd}" = "status"; then
	_SMSG=(running dead dead unused unknown reserved)
	_RC_UNUSED=3
    else
	_SMSG=(done failed failed missed failed skipped unused failed failed reserved)
	_RC_UNUSED=6
    fi
    if test -e /lib/lsb/init-functions; then
	# LSB    
	. /lib/lsb/init-functions
	echo_rc()
	{
	    if test ${_RC_RV} = 0; then
		log_success_msg "  [${_SMSG[${_RC_RV}]}] "
	    else
		log_failure_msg "  [${_SMSG[${_RC_RV}]}] "
	    fi
	}
	# TODO: Add checking for lockfiles
	checkproc() { pidofproc ${1+"$@"} >/dev/null 2>&1; }
    elif test -e /etc/init.d/functions; then
	# RHAT
	. /etc/init.d/functions
	echo_rc()
	{
	    #echo -n "  [${_SMSG[${_RC_RV}]}] "
	    if test ${_RC_RV} = 0; then
		success "  [${_SMSG[${_RC_RV}]}] "
	    else
		failure "  [${_SMSG[${_RC_RV}]}] "
	    fi
	}
	checkproc() { status ${1+"$@"}; }
	start_daemon() { daemon ${1+"$@"}; }
    else
	# emulate it
	echo_rc() { echo "  [${_SMSG[${_RC_RV}]}] "; }
    fi
    rc_reset() { _RC_RV=0; }
    rc_failed()
    {
	if test -z "$1"; then 
	    _RC_RV=1;
	elif test "$1" != "0"; then 
	    _RC_RV=$1; 
    	fi
	return ${_RC_RV}
    }
    rc_check()
    {
	rc_failed $?
    }	
    rc_status()
    {
	rc_failed $?
	if test "$1" = "-r"; then _RC_RV=0; shift; fi
	if test "$1" = "-s"; then rc_failed 5; echo_rc; rc_failed 3; shift; fi
	if test "$1" = "-u"; then rc_failed ${_RC_UNUSED}; echo_rc; rc_failed 3; shift; fi
	if test "$1" = "-v"; then echo_rc; shift; fi
	if test "$1" = "-r"; then _RC_RV=0; shift; fi
	return ${_RC_RV}
    }
    rc_exit() { exit ${_RC_RV}; }
    rc_active() 
    {
        local x
	for x in /etc/rc.d/rc[0-9].d/S[0-9][0-9]${1} ; do
		test -e $x && return 0 || break
	done
	return 1
    }
fi

# Reset status of this service
rc_reset

# Return values acc. to LSB for all commands but status:
# 0       - success
# 1       - generic or unspecified error
# 2       - invalid or excess argument(s)
# 3       - unimplemented feature (e.g. "reload")
# 4       - user had insufficient privileges
# 5       - program is not installed
# 6       - program is not configured
# 7       - program is not running
# 8--199  - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signaling is not supported) are
# considered a success.

case "$1" in
    start)
	$IPSEC_CMD start 2>&1
	rc_status -v1
	;;
    stop)
	$IPSEC_CMD stop 2>&1
	rc_status -v1
	;;
    try-restart|condrestart)
	## Do a restart only if the service was active before.
	## Note: try-restart is now part of LSB (as of 1.9).
	## RH has a similar command named condrestart.
	if test "$1" = "condrestart"; then
		echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
	fi
	$0 status
	if test $? = 0; then
		$0 restart
	else
		rc_reset	# Not running is not a failure.
	fi
	# Remember status and be quiet
	rc_status
	;;
    restart)
	## Stop the service and regardless of whether it was
	## running or not, start it again.
	$0 stop
	sleep 2
	$0 start

	# Remember status and be quiet
	rc_status
	;;
    reload|force-reload)
	$IPSEC_CMD reload
	rc_status -v1
	;;
    status)
	# Return value is slightly different for the status command:
	# 0 - service up and running
	# 1 - service dead, but /var/run/  pid  file exists
	# 2 - service dead, but /var/lock/ lock file exists
	# 3 - service not running (unused)
	# 4 - service status unknown :-(
	# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
	
	echo -n "Checking for service strongSwan IPsec "
	#checkproc $IPSEC_STARTER
	$IPSEC_CMD status 2>&1 >/dev/null

	# NOTE: rc_status knows that we called this init script with
	# "status" option and adapts its messages accordingly.
	rc_status -v
	;;
    probe)
	## Optional: Probe for the necessity of a reload, print out the
	## argument to this init script which is required for a reload.
	## Note: probe is not (yet) part of LSB (as of 1.9)

	test $IPSEC_CONFIG -nt $IPSEC_PIDFILE || \
	test $IPSEC_SECRET -nt $IPSEC_PIDFILE && echo reload
	;;
    *)
	echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
	exit 1
	;;
esac
rc_exit
openSUSE Build Service is sponsored by