#! /bin/sh # Copyright (c) 2001-2002 SuSE GmbH Nuernberg, Germany. # # Author: Michal Ludvig , 2004 # # /etc/init.d/ipsec-tools # and its symbolic link # /usr/sbin/rcipsec-tools # # System startup script for the IPsec key management daemon # ### BEGIN INIT INFO # Provides: racoon # Required-Start: $remote_fs $named $syslog # Required-Stop: $remote_fs $named $syslog # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Description: IPsec key management daemon ### END INIT INFO SETKEY="IPsec policies" SETKEY_BIN=/usr/sbin/setkey SETKEY_CONF=/etc/racoon/setkey.conf RACOON="IPsec IKE daemon (racoon)" RACOON_BIN=/usr/sbin/racoon RACOON_CONF=/etc/racoon/racoon.conf RACOON_PIDFILE=/var/run/racoon.pid test -x $SETKEY_BIN || exit 5 test -x $RACOON_BIN || exit 5 test -f /etc/sysconfig/racoon && . /etc/sysconfig/racoon # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v ditto but be verbose in local rc status # rc_status -v -r ditto and clear the local rc status # rc_failed set local and overall rc status to failed # rc_failed set local and overall rc status to # rc_reset clear local rc status (overall remains) # rc_exit exit appropriate to overall rc status . /etc/rc.status # First reset status of this service rc_reset # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signalling is not supported) are # considered a success. case "$1" in start) # Setting up SPD policies is not required. if [ -f $SETKEY_CONF ]; then echo -n "Setting up $SETKEY" $SETKEY_BIN $SETKEY_OPTIONS -f $SETKEY_CONF rc_status -v rc_reset fi echo -n "Starting $RACOON " ## If there is no conf file, skip starting of ddtd ## and return with "program not configured" if ! [ -f $RACOON_CONF ]; then echo -e -n "... no configuration file found" rc_status -s # service is not configured rc_failed 6 rc_exit fi # startproc should return 0, even if service is # already running to match LSB spec. startproc $RACOON_BIN $RACOON_OPTIONS -f $RACOON_CONF rc_status -v ;; stop) echo -n "Shutting down $RACOON" ## Stop daemon with killproc(8) and if this fails ## set echo the echo return value. killproc -p $RACOON_PIDFILE -TERM $RACOON_BIN # Remember status and be verbose rc_status -v rc_reset # Flush SPD policies if required if [ -n "$SETKEY_FLUSH_OPTIONS" ]; then echo -n "Flushing $SETKEY" $SETKEY_BIN $SETKEY_FLUSH_OPTIONS rc_status -v fi ;; try-restart) ## Stop the service and if this succeeds (i.e. the ## service was running before), start it again. $0 stop && $0 start # Remember status and be quiet rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start # Remember status and be quiet rc_status ;; force-reload) ## Signal the daemon to reload its config. Most daemons ## do this on signal 1 (SIGHUP). ## If it does not support it, restart. echo -n "Reload service $RACOON" killproc -p $RACOON_PIDFILE -HUP $RACOON_BIN rc_status -v ;; reload) ## Like force-reload, but if daemon does not support ## signalling, do nothing (!) echo -n "Reload service $RACOON" killproc -p $RACOON_PIDFILE -HUP $RACOON_BIN rc_status -v ;; status) echo -n "Checking for $RACOON: " ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. # Status has a slightly different for the status command: # 0 - service running # 1 - service dead, but /var/run/ pid file exists # 2 - service dead, but /var/lock/ lock file exists # 3 - service not running checkproc -p $RACOON_PIDFILE $RACOON_BIN rc_status -v ;; probe) ## Optional: Probe for the necessity of a reload, ## give out the argument which is required for a reload. test "$RACOON_CONF" -nt "$RACOON_PIDFILE" && echo reload ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" exit 1 ;; esac rc_exit