From: Andreas Steffen Date: Wed, 28 Nov 2007 17:02:12 +0000 (-0000) Subject: ipsec and starter exit with LSB-compliant return codes X-Git-Tag: 4.1.9~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0b72091970d48a4b212e6f39a86044eaa6ffce80;p=thirdparty%2Fstrongswan.git ipsec and starter exit with LSB-compliant return codes --- diff --git a/src/ipsec/ipsec.in b/src/ipsec/ipsec.in index d1cb680ab6..3b7311651e 100755 --- a/src/ipsec/ipsec.in +++ b/src/ipsec/ipsec.in @@ -97,26 +97,36 @@ down) if [ "$#" -ne 1 ] then echo "Usage: ipsec down " - exit 1 + exit 2 fi - if test -e $IPSEC_PLUTO_PID + rc=7 + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK --name "$1" --terminate + rc="$?" fi - if test -e $IPSEC_CHARON_PID + if [ -e $IPSEC_CHARON_PID ] then $IPSEC_STROKE down "$1" + rc="$?" fi - exit 0 + exit "$rc" ;; listalgs|listpubkeys|\listcards|\rereadgroups) op="$1" shift - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK "$@" "--$op" + exit "$?" + else + if [ -e $IPSEC_CHARON_PID ] + then + exit 3 + else + exit 7 + fi fi - exit 0 ;; listcerts|listcacerts|listaacerts|\ listacerts|listgroups|listocspcerts|\ @@ -125,32 +135,39 @@ rereadsecrets|rereadcacerts|rereadaacerts|\ rereadacerts|rereadocspcerts|rereadcrls|\ rereadall|purgeocsp) op="$1" + rc=7 shift - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK "$@" "--$op" + rc="$?" fi - if test -e $IPSEC_CHARON_PID + if [ -e $IPSEC_CHARON_PID ] then $IPSEC_STROKE "$op" "$@" + rc="$?" fi - exit 0 + exit "$rc" ;; ready) shift - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK --listen + exit 0 + else + exit 7 fi - exit 0 ;; reload) - if test -e $IPSEC_STARTER_PID + if [ -e $IPSEC_STARTER_PID ] then - echo "Reloading strongSwan IPsec configuration..." >&2 - kill -s USR1 `cat $IPSEC_STARTER_PID` + echo "Reloading strongSwan IPsec configuration..." >&2 + kill -s USR1 `cat $IPSEC_STARTER_PID` + exit 0 else - echo "ipsec starter is not running" >&2 + echo "ipsec starter is not running" >&2 + exit 7 fi exit 0 ;; @@ -163,37 +180,49 @@ restart) ;; route|unroute) op="$1" + rc=7 shift if [ "$#" -ne 1 ] then - echo "Usage: ipsec $op " - exit 1 + echo "Usage: ipsec $op " + exit 2 fi - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK --name "$1" "--$op" + rc="$?" fi - if test -e $IPSEC_CHARON_PID + if [ -e $IPSEC_CHARON_PID ] then $IPSEC_STROKE "$op" "$1" + rc="$?" fi - exit 0 + exit "$rc" ;; scencrypt|scdecrypt) op="$1" shift - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK "--$op" "$@" + exit "$?" + else + exit 7 fi - exit 0 ;; secrets) - if test -e $IPSEC_PLUTO_PID + rc=7 + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK --rereadsecrets + rc="$?" fi - exit 0 + if [ -e $IPSEC_CHARON_PID ] + then + $IPSEC_STROKE rereadsecrets + rc="$?" + fi + exit "$rc" ;; start) shift @@ -201,65 +230,75 @@ start) ;; status|statusall) op="$1" + rc=7 shift - if test $# -eq 0 + if [ $# -eq 0 ] then - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK "--$op" + rc="$?" fi - if test -e $IPSEC_CHARON_PID + if [ -e $IPSEC_CHARON_PID ] then $IPSEC_STROKE "$op" + rc="$?" fi else - if test -e $IPSEC_PLUTO_PID + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK --name "$1" "--$op" + rc="$?" fi - if test -e $IPSEC_CHARON_PID + if [ -e $IPSEC_CHARON_PID ] then $IPSEC_STROKE "$op" "$1" + rc="$?" fi fi - exit 0 + exit "$rc" ;; stop) - if test -e $IPSEC_STARTER_PID + if [ -e $IPSEC_STARTER_PID ] then - echo "Stopping strongSwan IPsec..." >&2 - kill `cat $IPSEC_STARTER_PID` + echo "Stopping strongSwan IPsec..." >&2 + kill `cat $IPSEC_STARTER_PID` + exit 0 else - echo "ipsec starter is not running" >&2 + echo "ipsec starter is not running" >&2 + exit 7 fi - exit 0 ;; up) shift if [ "$#" -ne 1 ] then echo "Usage: ipsec up " - exit 1 + exit 2 fi - if test -e $IPSEC_PLUTO_PID + rc=7 + if [ -e $IPSEC_PLUTO_PID ] then $IPSEC_WHACK --name "$1" --initiate + rc="$?" fi - if test -e $IPSEC_CHARON_PID + if [ -e $IPSEC_CHARON_PID ] then - $IPSEC_STROKE up "$1" + $IPSEC_STROKE up "$1" + rc="$?" fi - exit 0 + exit "$rc" ;; update) - if test -e $IPSEC_STARTER_PID + if [ -e $IPSEC_STARTER_PID ] then echo "Updating strongSwan IPsec configuration..." >&2 kill -s HUP `cat $IPSEC_STARTER_PID` + exit 0 else echo "ipsec starter is not running" >&2 + exit 7 fi - exit 0 ;; version|--version) echo "Linux $IPSEC_NAME $IPSEC_VERSION" @@ -269,7 +308,7 @@ version|--version) ;; --*) echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2 - exit 1 + exit 2 ;; esac @@ -278,13 +317,13 @@ shift path="$IPSEC_DIR/$cmd" -if test ! -x "$path" +if [ ! -x "$path" ] then path="$IPSEC_DIR/$cmd" - if test ! -x "$path" + if [ ! -x "$path" ] then echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2 - exit 1 + exit 2 fi fi diff --git a/src/starter/starter.c b/src/starter/starter.c index fe3c2ad59a..aa4095d8c4 100644 --- a/src/starter/starter.c +++ b/src/starter/starter.c @@ -43,6 +43,19 @@ #include "cmp.h" #include "interfaces.h" +/** + * Return codes defined by Linux Standard Base Core Specification 3.1 + * in section 20.2. Init Script Actions + */ +#define LSB_RC_SUCCESS 0 /* success */ +#define LSB_RC_FAILURE 1 /* generic or unspecified error */ +#define LSB_RC_INVALID_ARGUMENT 2 /* invalid or excess argument(s) */ +#define LSB_RC_NOT_IMPLEMENTED 3 /* unimplemented feature (reload) */ +#define LSB_RC_NOT_ALLOWED 4 /* user had insufficient privilege */ +#define LSB_RC_NOT_INSTALLED 5 /* program is not installed */ +#define LSB_RC_NOT_CONFIGURED 6 /* program is not configured */ +#define LSB_RC_NOT_RUNNING 7 /* program is not running */ + #define FLAG_ACTION_START_PLUTO 0x01 #define FLAG_ACTION_UPDATE 0x02 #define FLAG_ACTION_RELOAD 0x04 @@ -131,7 +144,7 @@ usage(char *name) { fprintf(stderr, "Usage: starter [--nofork] [--auto-update ] " "[--debug|--debug-more|--debug-all]\n"); - exit(1); + exit(LSB_RC_INVALID_ARGUMENT); } int main (int argc, char **argv) @@ -205,7 +218,7 @@ int main (int argc, char **argv) if (getuid() != 0) { plog("permission denied (must be superuser)"); - exit(1); + exit(LSB_RC_NOT_ALLOWED); } if (stat(PLUTO_PID_FILE, &stb) == 0) @@ -227,13 +240,13 @@ int main (int argc, char **argv) if (stat(DEV_RANDOM, &stb) != 0) { plog("unable to start strongSwan IPsec -- no %s!", DEV_RANDOM); - exit(1); + exit(LSB_RC_FAILURE); } if (stat(DEV_URANDOM, &stb)!= 0) { plog("unable to start strongSwan IPsec -- no %s!", DEV_URANDOM); - exit(1); + exit(LSB_RC_FAILURE); } cfg = confread_load(CONFIG_FILE); @@ -244,14 +257,14 @@ int main (int argc, char **argv) { confread_free(cfg); } - exit(1); + exit(LSB_RC_INVALID_ARGUMENT); } /* determine if we have a native netkey IPsec stack */ if (!starter_netkey_init()) { plog("no netkey IPSec stack detected"); - exit(1); + exit(LSB_RC_FAILURE); } last_reload = time(NULL); @@ -259,7 +272,7 @@ int main (int argc, char **argv) if (stat(STARTER_PID_FILE, &stb) == 0) { plog("starter is already running (%s exists) -- no fork done", STARTER_PID_FILE); - exit(0); + exit(LSB_RC_SUCCESS); } /* fork if we're not debugging stuff */ @@ -287,7 +300,7 @@ int main (int argc, char **argv) plog("can't fork: %s", strerror(errno)); break; default: - exit(0); + exit(LSB_RC_SUCCESS); } } @@ -322,7 +335,7 @@ int main (int argc, char **argv) #endif /* LEAK_DETECTIVE */ close_log(); plog("ipsec starter stopped"); - exit(0); + exit(LSB_RC_SUCCESS); } /* @@ -643,7 +656,6 @@ int main (int argc, char **argv) _action_ |= FLAG_ACTION_UPDATE; } } - - return 0; + exit(LSB_RC_SUCCESS); }