File debian.openvas-scanner.init of Package openvas-scanner
#!/bin/sh -e
#
# /etc/init.d/openvas-scanner
#
# Originally written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
# Modified for nessusd by Luca Andreucci <andrew@andrew.org>
# Further changes by Javier Fernandez-Sanguino <jfs@debian.org> for the
# Debian GNU/Linux distribution
# Even more changes for Debian GNU/Linux openvas-scanner package by
# Tim Brown <timb@nth-dimension.org.uk>
#
### BEGIN INIT INFO
# Provides: openvas-scanner
# Required-Start: $remote_fs
# Required-Stop: $remote_fs
# Should-Start:
# Should-Stop:
# Default-Start:
# Default-Stop: 0 6
# Short-Description: Start and stop the OpenVAS daemon
# Description: Controls the main OpenVAS daemon "openvassd".
### END INIT INFO
# time to wait for daemons death, in seconds
# don't set it too low or you might not let openvassd die gracefully
DODTIME=5
[ -r /etc/default/openvas-scanner ] && . /etc/default/openvas-scanner
# daemon options
DAEMONOPTS="-q"
[ "$SCANNER_ADDRESS" ] && DAEMONOPTS="$DAEMONOPTS --listen=$SCANNER_ADDRESS"
[ "$SCANNER_PORT" ] && DAEMONOPTS="$DAEMONOPTS --port=$SCANNER_PORT"
DAEMON=/usr/sbin/openvassd
PIDFILE=/var/run/openvassd.pid
NAME=openvassd
LABEL="OpenVAS Scanner"
test -x $DAEMON || exit 0
running()
{
# No pidfile, probably no daemon present
#
[ ! -f "$PIDFILE" ] && return 1
pid=`cat $PIDFILE`
# No pid, probably no daemon present
[ -z "$pid" ] && return 1
[ ! -d /proc/$pid ] && return 1
cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1`
# No openvassd?
[ "$cmd" != "$NAME" ] && return 1
return 0
}
warn_cert_file() {
echo -n "WARN: The (expected) certificate file $1 is not available." >&2
echo -n "The OpenVAS daemon might not start up." >&2
}
check_certs() {
CERTDIR=/var/lib/openvas/CA/
PRIVCERTDIR=/var/lib/openvas/private/CA/
for cert in cacert.pem servercert.pem; do
[ ! -r "$CERTDIR/$cert" ] && warn_cert_file "$CERTDIR/$cert"
done
for cert in cakey.pem serverkey.pem; do
[ ! -r "$PRIVCERTDIR/$cert" ] && warn_cert_file "$CERTDIR/$cert"
done
}
openvas_start() {
check_certs
start-stop-daemon --start --exec $DAEMON -- $DAEMONOPTS 2>&1 >/dev/null
errcode=$?
# If we don't sleep then running() might not see the pidfile
sleep $DODTIME
return $errcode
}
force_stop() {
[ ! -e "$PIDFILE" ] && return
if running ; then
kill -15 $pid
# Is it really dead?
sleep "$DODTIME"s
if running ; then
kill -9 $pid
sleep "$DODTIME"s
if running ; then
echo "Cannot kill $LABEL (pid=$pid)!"
exit 1
fi
fi
fi
rm -f $PIDFILE
}
case "$1" in
start)
echo -n "Starting $LABEL: "
if openvas_start && running ; then
echo "openvassd."
else
echo "ERROR."
exit 1
fi
;;
stop)
echo -n "Stopping $LABEL: "
if running ; then
start-stop-daemon --stop --pidfile $PIDFILE --quiet --oknodo --exec $DAEMON
sleep "$DODTIME"s
fi
if running; then
force_stop
fi
echo "openvassd."
;;
restart)
echo -n "Restarting $LABEL: "
if running; then
start-stop-daemon --stop --pidfile $PIDFILE --quiet --oknodo --exec $DAEMON
sleep "$DODTIME"s
fi
if running; then
force_stop
fi
if openvas_start && running ; then
echo "openvassd."
else
echo "ERROR."
exit 1
fi
;;
reload|force-reload)
echo -n "Reloading $LABEL configuration files: "
start-stop-daemon --stop --pidfile $PIDFILE --signal 1 --exec $DAEMON
sleep "$DODTIME"s
if running ; then
echo "done."
else
echo "ERROR."
exit 1
fi
;;
status)
echo -n "$LABEL is "
if running ; then
echo "running"
else
echo " not running."
exit 1
fi
;;
*)
echo "Usage: /etc/init.d/openvas-scanner {start|stop|restart|reload|status}"
exit 1
;;
esac
exit 0
