--- /dev/null
+#!/bin/sh
+# IPsec startup and shutdown script
+# Copyright (C) 1998, 1999, 2001 Henry Spencer.
+# Copyright (C) 2002 Michael Richardson <mcr@freeswan.org>
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# for more details.
+#
+# RCSID $Id: setup.in,v 1.122.6.3 2006/10/26 23:54:32 paul Exp $
+#
+# ipsec init.d script for starting and stopping
+# the IPsec security subsystem (KLIPS and Pluto).
+#
+# This script becomes /etc/rc.d/init.d/ipsec (or possibly /etc/init.d/ipsec)
+# and is also accessible as "ipsec setup" (the preferred route for human
+# invocation).
+#
+# The startup and shutdown times are a difficult compromise (in particular,
+# it is almost impossible to reconcile them with the insanely early/late
+# times of NFS filesystem startup/shutdown). Startup is after startup of
+# syslog and pcmcia support; shutdown is just before shutdown of syslog.
+#
+# chkconfig: 2345 47 76
+# description: IPsec provides encrypted and authenticated communications; \
+# KLIPS is the kernel half of it, Pluto is the user-level management daemon.
+
+me='ipsec setup' # for messages
+
+# where the private directory and the config files are
+IPSEC_EXECDIR="${IPSEC_EXECDIR-/usr/libexec/ipsec}"
+IPSEC_LIBDIR="${IPSEC_LIBDIR-/usr/lib/ipsec}"
+IPSEC_SBINDIR="${IPSEC_SBINDIR-/usr/sbin}"
+IPSEC_CONFS="${IPSEC_CONFS-/etc}"
+
+if test " $IPSEC_DIR" = " " # if we were not called by the ipsec command
+then
+ # we must establish a suitable PATH ourselves
+ PATH="${IPSEC_SBINDIR}":/sbin:/usr/sbin:/usr/local/bin:/bin:/usr/bin
+ export PATH
+
+ IPSEC_DIR="$IPSEC_LIBDIR"
+ export IPSEC_DIR IPSEC_CONFS IPSEC_LIBDIR IPSEC_EXECDIR
+fi
+
+# Check that the ipsec command is available.
+found=
+for dir in `echo $PATH | tr ':' ' '`
+do
+ if test -f $dir/ipsec -a -x $dir/ipsec
+ then
+ found=yes
+ break # NOTE BREAK OUT
+ fi
+done
+if ! test "$found"
+then
+ echo "cannot find ipsec command -- \`$1' aborted" |
+ logger -s -p daemon.error -t ipsec_setup
+ exit 1
+fi
+
+# accept a few flags
+
+export IPSEC_setupflags
+IPSEC_setupflags=""
+
+config=""
+
+for dummy
+do
+ case "$1" in
+ --showonly|--show) IPSEC_setupflags="$1" ;;
+ --config) config="--config $2" ; shift ;;
+ *) break ;;
+ esac
+ shift
+done
+
+
+# Pick up IPsec configuration (until we have done this, successfully, we
+# do not know where errors should go, hence the explicit "daemon.error"s.)
+# Note the "--export", which exports the variables created.
+eval `ipsec _confread $config --optional --varprefix IPSEC --export --type config setup`
+
+if test " $IPSEC_confreadstatus" != " "
+then
+ case $1 in
+ stop|--stop|_autostop)
+ echo "$IPSEC_confreadstatus -- \`$1' may not work" |
+ logger -s -p daemon.error -t ipsec_setup;;
+
+ *) echo "$IPSEC_confreadstatus -- \`$1' aborted" |
+ logger -s -p daemon.error -t ipsec_setup;
+ exit 1;;
+ esac
+fi
+
+IPSEC_confreadsection=${IPSEC_confreadsection:-setup}
+export IPSEC_confreadsection
+
+IPSECsyslog=${IPSECsyslog-daemon.error}
+export IPSECsyslog
+
+# misc setup
+umask 022
+
+mkdir -p /var/run/pluto
+
+
+# do it
+case "$1" in
+ start|--start|stop|--stop|_autostop|_autostart)
+ if test " `id -u`" != " 0"
+ then
+ echo "permission denied (must be superuser)" |
+ logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
+ exit 1
+ fi
+ tmp=/var/run/pluto/ipsec_setup.st
+ outtmp=/var/run/pluto/ipsec_setup.out
+ (
+ ipsec _realsetup $1
+ echo "$?" >$tmp
+ ) > ${outtmp} 2>&1
+ st=$?
+ if test -f $tmp
+ then
+ st=`cat $tmp`
+ rm -f $tmp
+ fi
+ if [ -f ${outtmp} ]; then
+ cat ${outtmp} | logger -s -p $IPSECsyslog -t ipsec_setup 2>&1
+ rm -f ${outtmp}
+ fi
+ sleep 20 && chown root:nobody /var/run/pluto -R && chmod 770 /var/run/pluto -R && ln -sf /var/run/pluto/pluto.pid /var/run/pluto.pid 2>&1 &
+ exit $st
+ ;;
+
+ restart|--restart|force-reload)
+ $0 $IPSEC_setupflags stop
+ $0 $IPSEC_setupflags start
+ ;;
+
+ _autorestart) # for internal use only
+ $0 $IPSEC_setupflags _autostop
+ $0 $IPSEC_setupflags _autostart
+ ;;
+
+ status|--status)
+ ipsec _realsetup $1
+ exit
+ ;;
+
+ --version)
+ echo "$me $IPSEC_VERSION"
+ exit 0
+ ;;
+
+ --help)
+ echo "Usage: $me [ --showonly ] {--start|--stop|--restart}"
+ echo " $me --status"
+ exit 0
+ ;;
+
+ *)
+ echo "Usage: $me [ --showonly ] {--start|--stop|--restart}"
+ echo " $me --status"
+ exit 2
+esac
+
+exit 0
projects / people / teissler / ipfire-2.x.git / commitdiff
