1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
#! /bin/sh
# Copyright (c) 2001-2002 SuSE GmbH Nuernberg, Germany.
#
# Author: Michal Ludvig <feedback@suse.de>, 2004
#
# /etc/init.d/ipsec-tools
# and its symbolic link
# /usr/sbin/rcipsec-tools
#
# System startup script for the IPsec key management daemon
#
### BEGIN INIT INFO
# Provides: racoon
# Required-Start: $remote_fs $named $syslog
# Required-Stop: $remote_fs $named $syslog
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Description: IPsec key management daemon
### END INIT INFO
SETKEY="IPsec policies"
SETKEY_BIN=/usr/sbin/setkey
SETKEY_CONF=/etc/racoon/setkey.conf
RACOON="IPsec IKE daemon (racoon)"
RACOON_BIN=/usr/sbin/racoon
RACOON_CONF=/etc/racoon/racoon.conf
RACOON_PIDFILE=/var/run/racoon.pid
test -x $SETKEY_BIN || exit 5
test -x $RACOON_BIN || exit 5
test -f /etc/sysconfig/racoon && . /etc/sysconfig/racoon
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num><num>
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
. /etc/rc.status
# First reset status of this service
rc_reset
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
case "$1" in
start)
# Setting up SPD policies is not required.
if [ -f $SETKEY_CONF ]; then
echo -n "Setting up $SETKEY"
$SETKEY_BIN $SETKEY_OPTIONS -f $SETKEY_CONF
rc_status -v
rc_reset
fi
echo -n "Starting $RACOON "
## If there is no conf file, skip starting of ddtd
## and return with "program not configured"
if ! [ -f $RACOON_CONF ]; then
echo -e -n "... no configuration file found"
rc_status -s
# service is not configured
rc_failed 6
rc_exit
fi
# startproc should return 0, even if service is
# already running to match LSB spec.
startproc $RACOON_BIN $RACOON_OPTIONS -f $RACOON_CONF
rc_status -v
;;
stop)
echo -n "Shutting down $RACOON"
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
killproc -p $RACOON_PIDFILE -TERM $RACOON_BIN
# Remember status and be verbose
rc_status -v
rc_reset
# Flush SPD policies if required
if [ -n "$SETKEY_FLUSH_OPTIONS" ]; then
echo -n "Flushing $SETKEY"
$SETKEY_BIN $SETKEY_FLUSH_OPTIONS
rc_status -v
fi
;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
$0 stop && $0 start
# Remember status and be quiet
rc_status
;;
restart)
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
rc_status
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
echo -n "Reload service $RACOON"
killproc -p $RACOON_PIDFILE -HUP $RACOON_BIN
rc_status -v
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reload service $RACOON"
killproc -p $RACOON_PIDFILE -HUP $RACOON_BIN
rc_status -v
;;
status)
echo -n "Checking for $RACOON: "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
checkproc -p $RACOON_PIDFILE $RACOON_BIN
rc_status -v
;;
probe)
## Optional: Probe for the necessity of a reload,
## give out the argument which is required for a reload.
test "$RACOON_CONF" -nt "$RACOON_PIDFILE" && echo reload
;;
*)
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
exit 1
;;
esac
rc_exit
|