1#! /bin/sh 2# Copyright (c) 2001-2002 SuSE GmbH Nuernberg, Germany. 3# 4# Author: Michal Ludvig <feedback@suse.de>, 2004 5# 6# /etc/init.d/ipsec-tools 7# and its symbolic link 8# /usr/sbin/rcipsec-tools 9# 10# System startup script for the IPsec key management daemon 11# 12### BEGIN INIT INFO 13# Provides: racoon 14# Required-Start: $remote_fs $named $syslog 15# Required-Stop: $remote_fs $named $syslog 16# Default-Start: 3 5 17# Default-Stop: 0 1 2 6 18# Description: IPsec key management daemon 19### END INIT INFO 20 21SETKEY="IPsec policies" 22SETKEY_BIN=/usr/sbin/setkey 23SETKEY_CONF=/etc/racoon/setkey.conf 24 25RACOON="IPsec IKE daemon (racoon)" 26RACOON_BIN=/usr/sbin/racoon 27RACOON_CONF=/etc/racoon/racoon.conf 28RACOON_PIDFILE=/var/run/racoon.pid 29 30test -x $SETKEY_BIN || exit 5 31test -x $RACOON_BIN || exit 5 32 33test -f /etc/sysconfig/racoon && . /etc/sysconfig/racoon 34 35# Shell functions sourced from /etc/rc.status: 36# rc_check check and set local and overall rc status 37# rc_status check and set local and overall rc status 38# rc_status -v ditto but be verbose in local rc status 39# rc_status -v -r ditto and clear the local rc status 40# rc_failed set local and overall rc status to failed 41# rc_failed <num> set local and overall rc status to <num><num> 42# rc_reset clear local rc status (overall remains) 43# rc_exit exit appropriate to overall rc status 44. /etc/rc.status 45 46# First reset status of this service 47rc_reset 48 49# Return values acc. to LSB for all commands but status: 50# 0 - success 51# 1 - generic or unspecified error 52# 2 - invalid or excess argument(s) 53# 3 - unimplemented feature (e.g. "reload") 54# 4 - insufficient privilege 55# 5 - program is not installed 56# 6 - program is not configured 57# 7 - program is not running 58# 59# Note that starting an already running service, stopping 60# or restarting a not-running service as well as the restart 61# with force-reload (in case signalling is not supported) are 62# considered a success. 63 64case "$1" in 65 start) 66 # Setting up SPD policies is not required. 67 if [ -f $SETKEY_CONF ]; then 68 echo -n "Setting up $SETKEY" 69 $SETKEY_BIN $SETKEY_OPTIONS -f $SETKEY_CONF 70 rc_status -v 71 rc_reset 72 fi 73 74 echo -n "Starting $RACOON " 75 ## If there is no conf file, skip starting of ddtd 76 ## and return with "program not configured" 77 if ! [ -f $RACOON_CONF ]; then 78 echo -e -n "... no configuration file found" 79 rc_status -s 80 # service is not configured 81 rc_failed 6 82 rc_exit 83 fi 84 85 # startproc should return 0, even if service is 86 # already running to match LSB spec. 87 startproc $RACOON_BIN $RACOON_OPTIONS -f $RACOON_CONF 88 rc_status -v 89 ;; 90 91 stop) 92 echo -n "Shutting down $RACOON" 93 ## Stop daemon with killproc(8) and if this fails 94 ## set echo the echo return value. 95 96 killproc -p $RACOON_PIDFILE -TERM $RACOON_BIN 97 98 # Remember status and be verbose 99 rc_status -v 100 rc_reset 101 102 # Flush SPD policies if required 103 if [ -n "$SETKEY_FLUSH_OPTIONS" ]; then 104 echo -n "Flushing $SETKEY" 105 $SETKEY_BIN $SETKEY_FLUSH_OPTIONS 106 rc_status -v 107 fi 108 ;; 109 try-restart) 110 ## Stop the service and if this succeeds (i.e. the 111 ## service was running before), start it again. 112 $0 stop && $0 start 113 114 # Remember status and be quiet 115 rc_status 116 ;; 117 restart) 118 ## Stop the service and regardless of whether it was 119 ## running or not, start it again. 120 $0 stop 121 $0 start 122 123 # Remember status and be quiet 124 rc_status 125 ;; 126 force-reload) 127 ## Signal the daemon to reload its config. Most daemons 128 ## do this on signal 1 (SIGHUP). 129 ## If it does not support it, restart. 130 131 echo -n "Reload service $RACOON" 132 killproc -p $RACOON_PIDFILE -HUP $RACOON_BIN 133 rc_status -v 134 ;; 135 reload) 136 ## Like force-reload, but if daemon does not support 137 ## signalling, do nothing (!) 138 139 echo -n "Reload service $RACOON" 140 killproc -p $RACOON_PIDFILE -HUP $RACOON_BIN 141 rc_status -v 142 ;; 143 status) 144 echo -n "Checking for $RACOON: " 145 ## Check status with checkproc(8), if process is running 146 ## checkproc will return with exit status 0. 147 148 # Status has a slightly different for the status command: 149 # 0 - service running 150 # 1 - service dead, but /var/run/ pid file exists 151 # 2 - service dead, but /var/lock/ lock file exists 152 # 3 - service not running 153 154 checkproc -p $RACOON_PIDFILE $RACOON_BIN 155 rc_status -v 156 ;; 157 probe) 158 ## Optional: Probe for the necessity of a reload, 159 ## give out the argument which is required for a reload. 160 161 test "$RACOON_CONF" -nt "$RACOON_PIDFILE" && echo reload 162 ;; 163 *) 164 echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" 165 exit 1 166 ;; 167esac 168rc_exit 169