File debian.openvas-scanner.init of Package openvas-scanner

#!/bin/sh -e
#
# /etc/init.d/openvas-scanner
#
# Originally written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
# Modified for nessusd by Luca Andreucci <andrew@andrew.org>
# Further changes by Javier Fernandez-Sanguino <jfs@debian.org> for the 
# Debian GNU/Linux distribution
# Even more changes for Debian GNU/Linux openvas-scanner package by
# Tim Brown <timb@nth-dimension.org.uk>
#
### BEGIN INIT INFO
# Provides:          openvas-scanner
# Required-Start:    $remote_fs
# Required-Stop:     $remote_fs
# Should-Start:      
# Should-Stop:       
# Default-Start:     
# Default-Stop:      0 6
# Short-Description: Start and stop the OpenVAS daemon
# Description:       Controls the main OpenVAS daemon "openvassd".
### END INIT INFO

# time to wait for daemons death, in seconds
# don't set it too low or you might not let openvassd die gracefully
DODTIME=5

[ -r /etc/default/openvas-scanner ] && . /etc/default/openvas-scanner

# daemon options
DAEMONOPTS="-q"
[ "$SCANNER_ADDRESS" ] && DAEMONOPTS="$DAEMONOPTS --listen=$SCANNER_ADDRESS"
[ "$SCANNER_PORT" ]    && DAEMONOPTS="$DAEMONOPTS --port=$SCANNER_PORT"

DAEMON=/usr/sbin/openvassd
PIDFILE=/var/run/openvassd.pid
NAME=openvassd
LABEL="OpenVAS Scanner"

test -x $DAEMON || exit 0


running()
{
    # No pidfile, probably no daemon present
    #
    [ ! -f "$PIDFILE" ] && return 1
    pid=`cat $PIDFILE`

    # No pid, probably no daemon present
    [ -z "$pid" ] && return 1

    [ ! -d /proc/$pid ] &&  return 1
    cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1`
    # No openvassd?
    [ "$cmd" != "$NAME" ] &&  return 1

    return 0
}

warn_cert_file() {
	echo -n "WARN: The (expected) certificate file $1 is not available." >&2
	echo -n "The OpenVAS daemon might not start up." >&2
}

check_certs() {
	CERTDIR=/var/lib/openvas/CA/
	PRIVCERTDIR=/var/lib/openvas/private/CA/
	for cert in cacert.pem servercert.pem; do
		[ ! -r "$CERTDIR/$cert" ] && warn_cert_file "$CERTDIR/$cert"
	done
	for cert in cakey.pem serverkey.pem; do
		[ ! -r "$PRIVCERTDIR/$cert" ] && warn_cert_file "$CERTDIR/$cert"
	done
}

openvas_start() {
	check_certs
        start-stop-daemon --start --exec $DAEMON -- $DAEMONOPTS 2>&1 >/dev/null
	errcode=$?
# If we don't sleep then running() might not see the pidfile
	sleep $DODTIME
	return $errcode
}

force_stop() {
	[ ! -e "$PIDFILE" ] && return
	if running ; then
		kill -15 $pid
	# Is it really dead?
		sleep "$DODTIME"s
		if running ; then
			kill -9 $pid
			sleep "$DODTIME"s
			if running ; then
				echo "Cannot kill $LABEL (pid=$pid)!"
				exit 1
			fi
		fi
	fi
	rm -f $PIDFILE
}

case "$1" in
  start)
    echo -n "Starting $LABEL: "
    if openvas_start && running ;  then
	    echo "openvassd."
    else
    	    echo "ERROR."
	    exit 1
    fi
    ;;
  stop)
    echo -n "Stopping $LABEL: "
    if running ; then
	start-stop-daemon --stop --pidfile $PIDFILE --quiet --oknodo --exec $DAEMON
    	sleep "$DODTIME"s
    fi
    if running; then
        force_stop
    fi
    echo "openvassd."
      ;;
  restart)
    echo -n "Restarting $LABEL: "
    if running; then
    	start-stop-daemon --stop --pidfile $PIDFILE --quiet --oknodo --exec $DAEMON
    	sleep "$DODTIME"s
    fi
    if running; then
        force_stop
    fi
    if openvas_start && running ;  then
	    echo "openvassd."
    else
    	    echo "ERROR."
	    exit 1
    fi
    ;;
  reload|force-reload)
    echo  -n "Reloading $LABEL configuration files: "
    start-stop-daemon --stop --pidfile $PIDFILE --signal 1 --exec $DAEMON
    sleep "$DODTIME"s
    if running ;  then
	    echo "done."
    else
    	    echo "ERROR."
	    exit 1
    fi
    ;;
  status)
    echo -n "$LABEL is "
    if running ;  then
	    echo "running"
    else
    	    echo " not running."
	    exit 1
    fi
    ;;
  *)
    echo "Usage: /etc/init.d/openvas-scanner {start|stop|restart|reload|status}"
    exit 1
    ;;
esac

exit 0

openSUSE Build Service is sponsored by