#!@l_prefix@/bin/openpkg rc ## ## rc.kerberos -- Run-Commands ## %config kerberos_enable="$openpkg_rc_def" kerberos_daemons="krb5kdc kadmind kpropd" kerberos_flags_krb5kdc="" kerberos_flags_kadmind="" kerberos_flags_kpropd="" kerberos_flags_kprop="" kerberos_flags_kdb5_util_dump="" kerberos_propagate_hosts="" kerberos_propagate_update="hourly" kerberos_log_prolog="true" kerberos_log_epilog="true" kerberos_log_numfiles="10" kerberos_log_minsize="1M" kerberos_log_complevel="9" %common kerberos_db_dir="@l_prefix@/var/kerberos/db" kerberos_log_dir="@l_prefix@/var/kerberos/log" kerberos_log_names="krb5kdc kadmind kerberos" kerberos_pidfile_krb5kdc="@l_prefix@/var/kerberos/run/krb5kdc.pid" kerberos_pidfile_kadmind="@l_prefix@/var/kerberos/run/kadmind.pid" kerberos_pidfile_kpropd="@l_prefix@/var/kerberos/run/kpropd.pid" kerberos_signal () { [ -f $kerberos_pidfile_krb5kdc ] \ && kill -$1 `cat $kerberos_pidfile_krb5kdc` local rc_kerberos_krb5kdc=$? [ -f $kerberos_pidfile_kadmind ] \ && kill -$1 `cat $kerberos_pidfile_kadmind` local rc_kerberos_kadmind=$? [ -f $kerberos_pidfile_kpropd ] \ && kill -$1 `cat $kerberos_pidfile_kpropd` local rc_kerberos_kpropd=$? [ $rc_kerberos_krb5kdc -eq 0 -o \ $rc_kerberos_kadmind -eq 0 -o \ $rc_kerberos_kpropd -eq 0 ] } kerberos_propagate () { @l_prefix@/sbin/kdb5_util dump \ $kerberos_flags_kdb5_util_dump \ $kerberos_db_dir/kpropd.dump for host in kerberos_propagate_hosts; do @l_prefix@/sbin/kprop \ $kerberos_flags_kprop \ -f $kerberos_db_dir/kpropd.dump \ $host done rm -f $kerberos_db_dir/kpropd.dump || true } %status -u @l_susr@ -o kerberos_usable="no" kerberos_active="no" rcService kerberos enable yes && \ kerberos_signal 0 && kerberos_active="yes" echo "kerberos_enable=\"$kerberos_enable\"" echo "kerberos_usable=\"$kerberos_usable\"" echo "kerberos_active=\"$kerberos_active\"" %start -u @l_susr@ rcService kerberos enable yes || exit 0 rcService kerberos active yes && exit 0 for daemon in $kerberos_daemons; do case "$daemon" in krb5kdc ) nohup @l_prefix@/sbin/krb5kdc -n $kerberos_flags_krb5kdc & echo $! >$kerberos_pidfile_krb5kdc ;; kadmind ) nohup @l_prefix@/sbin/kadmind -nofork $kerberos_flags_kadmind & echo $! >$kerberos_pidfile_kadmind ;; kpropd ) nohup @l_prefix@/sbin/kpropd \ -S -f $kerberos_dump_file \ -p @l_prefix@/sbin/kdb5_util \ -a $kerberos_db_dir/kpropd.acl \ $kerberos_flags_kpropd & echo $! >$kerberos_pidfile_kpropd ;; esac done %stop -u @l_susr@ rcService kerberos enable yes || exit 0 rcService kerberos active no && exit 0 kerberos_signal TERM rm -f $kerberos_pidfile_krb5kdc 2>/dev/null || true rm -f $kerberos_pidfile_kadmind 2>/dev/null || true rm -f $kerberos_pidfile_kpropd 2>/dev/null || true %restart -u @l_susr@ rcService kerberos enable yes || exit 0 rcService kerberos active no && exit 0 rc kerberos stop sleep 2 rc kerberos start %quarterly -u @l_susr@ rcService kerberos enable yes || exit 0 if [ ".$kerberos_propagate_update" = .quarterly ]; then kerberos_propagate || exit $? fi %hourly -u @l_susr@ rcService kerberos enable yes || exit 0 if [ ".$kerberos_propagate_update" = .hourly ]; then kerberos_propagate || exit $? fi %daily -u @l_susr@ rcService kerberos enable yes || exit 0 if [ ".$kerberos_propagate_update" = .daily ]; then kerberos_propagate || exit $? fi rcTmp -i hintfile=`rcTmp -f -n hint` for name in $kerberos_log_names; do if [ -f $kerberos_log_dir/$name.log ]; then shtool rotate -f \ -n $kerberos_log_numfiles -s $kerberos_log_minsize -d \ -z $kerberos_log_complevel -m 664 -o @l_rusr@ -g @l_rgrp@ \ -P "$kerberos_log_prolog" \ -E "$kerberos_log_epilog; echo 1 >$hintfile" \ $kerberos_log_dir/$name.log fi done if [ -s $hintfile ]; then rc kerberos restart fi rcTmp -k %weekly -u @l_susr@ rcService kerberos enable yes || exit 0 if [ ".$kerberos_propagate_update" = .weekly ]; then kerberos_propagate || exit $? fi