From c731d42b1adbc6fc0d72bf3f551ae96962d1d26a Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Sun, 15 Oct 2006 21:03:30 +0000 Subject: init script cleanup, use /etc/rc.d/ for enabled scripts, /etc/init.d/ (enable|disable) manages symlinks git-svn-id: svn://svn.openwrt.org/openwrt/trunk@5128 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- package/openswan/Makefile | 4 +- package/openswan/files/ipsec.init | 158 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 159 insertions(+), 3 deletions(-) create mode 100755 package/openswan/files/ipsec.init (limited to 'package/openswan') diff --git a/package/openswan/Makefile b/package/openswan/Makefile index 54b565efdd..b5adc54257 100644 --- a/package/openswan/Makefile +++ b/package/openswan/Makefile @@ -21,8 +21,6 @@ PKG_CAT:=zcat PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install -PKG_INIT_PRIO:=60 - include $(INCLUDE_DIR)/package.mk define Package/openswan/Default @@ -76,7 +74,7 @@ endef define Package/openswan/install $(CP) $(PKG_INSTALL_DIR)/* $(1) install -d -m0755 $(1)/etc/init.d - $(CP) $(1)/etc/rc.d/init.d/ipsec $(1)/etc/init.d/S$(PKG_INIT_PRIO)ipsec + $(CP) ./files/ipsec.init $(1)/etc/init.d/ipsec rm -rf $(1)/usr/share rm -rf $(1)/usr/man rm -rf $(1)/var diff --git a/package/openswan/files/ipsec.init b/package/openswan/files/ipsec.init new file mode 100755 index 0000000000..33c416351d --- /dev/null +++ b/package/openswan/files/ipsec.init @@ -0,0 +1,158 @@ +#!/bin/sh /etc/rc.common +# IPsec startup and shutdown script +# Copyright (C) 1998, 1999, 2001 Henry Spencer. +# Copyright (C) 2002 Michael Richardson +# Copyright (C) 2006 OpenWrt.org +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. See . +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# for more details. +# +# RCSID $Id: setup.in,v 1.122.6.1 2005/07/25 19:17:03 ken Exp $ +# +# ipsec init.d script for starting and stopping +# the IPsec security subsystem (KLIPS and Pluto). +# +# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec) +# and is also accessible as "ipsec setup" (the preferred route for human +# invocation). +# +# The startup and shutdown times are a difficult compromise (in particular, +# it is almost impossible to reconcile them with the insanely early/late +# times of NFS filesystem startup/shutdown). Startup is after startup of +# syslog and pcmcia support; shutdown is just before shutdown of syslog. +# +# chkconfig: 2345 47 76 +# description: IPsec provides encrypted and authenticated communications; \ +# KLIPS is the kernel half of it, Pluto is the user-level management daemon. + +START=60 +script_init() { + me='ipsec setup' # for messages + + # where the private directory and the config files are + IPSEC_EXECDIR="${IPSEC_EXECDIR-/usr/libexec/ipsec}" + IPSEC_LIBDIR="${IPSEC_LIBDIR-/usr/lib/ipsec}" + IPSEC_SBINDIR="${IPSEC_SBINDIR-/usr/sbin}" + IPSEC_CONFS="${IPSEC_CONFS-/etc}" + + if test " $IPSEC_DIR" = " " # if we were not called by the ipsec command + then + # we must establish a suitable PATH ourselves + PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin + export PATH + + IPSEC_DIR="$IPSEC_LIBDIR" + export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR + fi + + # Check that the ipsec command is available. + found= + for dir in `echo $PATH | tr ':' ' '` + do + if test -f $dir/ipsec -a -x $dir/ipsec + then + found=yes + break # NOTE BREAK OUT + fi + done + if ! test "$found" + then + echo "cannot find ipsec command -- \`$1' aborted" | + logger -s -p daemon.error -t ipsec_setup + exit 1 + fi + + # Pick up IPsec configuration (until we have done this, successfully, we + # do not know where errors should go, hence the explicit "daemon.error"s.) + # Note the "--export", which exports the variables created. + eval `ipsec _confread $config --optional --varprefix IPSEC --export --type config setup` + + if test " $IPSEC_confreadstatus" != " " + then + case $1 in + stop|--stop|_autostop) + echo "$IPSEC_confreadstatus -- \`$1' may not work" | + logger -s -p daemon.error -t ipsec_setup;; + + *) echo "$IPSEC_confreadstatus -- \`$1' aborted" | + logger -s -p daemon.error -t ipsec_setup; + exit 1;; + esac + fi + + IPSEC_confreadsection=${IPSEC_confreadsection:-setup} + export IPSEC_confreadsection + + IPSECsyslog=${IPSECsyslog-daemon.error} + export IPSECsyslog + + # misc setup + umask 022 + + mkdir -p /var/run/pluto +} + +script_command() { + if [ "${USER}" != "root" ] + then + echo "permission denied (must be superuser)" | + logger -s -p $IPSECsyslog -t ipsec_setup 2>&1 + exit 1 + fi + # make sure all required directories exist + if [ ! -d /var/run/pluto ] + then + mkdir -p /var/run/pluto + fi + if [ ! -d /var/lock/subsys ] + then + mkdir -p /var/lock/subsys + fi + tmp=/var/run/pluto/ipsec_setup.st + outtmp=/var/run/pluto/ipsec_setup.out + ( + ipsec _realsetup $1 + echo "$?" >$tmp + ) > ${outtmp} 2>&1 + st=$? + if test -f $tmp + then + st=`cat $tmp` + rm -f $tmp + fi + if [ -f ${outtmp} ]; then + cat ${outtmp} | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1 + rm -f ${outtmp} + fi +} + + +start() { + script_init start "$@" + script_command start "$@" +} + +stop() { + script_init stop "$@" + script_command stop "$@" +} + +restart() { + script_init stop "$@" + script_command stop "$@" + script_command start "$@" +} + +status() { + script_init status "$@" + ipsec _realsetup status +} +EXTRA_COMMANDS=status +EXTRA_HELP=" status Show the status of the service" -- cgit v1.2.3