From: rmccabe@sourceware.org <rmccabe@sourceware.org>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] conga/luci/init.d luci
Date: 22 May 2007 01:39:51 -0000 [thread overview]
Message-ID: <20070522013951.30487.qmail@sourceware.org> (raw)
CVSROOT: /cvs/cluster
Module name: conga
Branch: EXPERIMENTAL
Changes by: rmccabe at sourceware.org 2007-05-22 01:39:51
Modified files:
luci/init.d : luci
Log message:
Make the init script more robust, and make it log errors for any failures.
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/init.d/luci.diff?cvsroot=cluster&only_with_tag=EXPERIMENTAL&r1=1.16&r2=1.16.2.1
--- conga/luci/init.d/luci 2007/03/15 16:52:36 1.16
+++ conga/luci/init.d/luci 2007/05/22 01:39:51 1.16.2.1
@@ -1,10 +1,9 @@
#!/bin/sh
#
-# Copyright (C) 2005 Red Hat, Inc.
+# Copyright (C) 2005-2007 Red Hat, Inc.
#
-# This program is Free Software. You may modify and/or redistribute it under
-# the terms of the GNU General Public License version 2, or (at your option)
-# any later version.
+# This program is Free Software. You may modify and/or redistribute it under
+# the terms of the GNU General Public License version 2.
#
# description: Starts and stops Red Hat Cluster and Storage Remote \
# Configuration Web Interface (luci)
@@ -23,22 +22,26 @@
PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH
-ID="luci"
-LUCID="/var/lib/luci/bin/runzope"
-PIDFILE="/var/lib/luci/var/Z2.pid"
-GLOB_PIDFILE="/var/run/luci.pid"
-GLOB_LOCKFILE="/var/lock/subsys/luci"
+ID='luci'
+LUCID='/var/lib/luci/bin/runzope'
+PIDFILE='/var/lib/luci/var/Z2.pid'
+GLOB_PIDFILE='/var/run/luci.pid'
+GLOB_LOCKFILE='/var/lock/subsys/luci'
-LUCI_USER="luci"
-LUCI_GROUP="luci"
+LUCI_USER='luci'
+LUCI_GROUP='luci'
LUCI_URL="https://`/bin/hostname`:$LUCI_HTTPS_PORT"
-HTTPS_PUBKEY="/var/lib/luci/var/certs/https.pem"
-HTTPS_PRIVKEY="/var/lib/luci/var/certs/https.key.pem"
-STUNNEL_D="/usr/sbin/stunnel"
-STUNNEL_PID="/var/lib/luci/var/stunnel/pid"
-STUNNEL_CONF="/var/lib/luci/etc/stunnel.conf"
+HTTPS_PUBKEY='/var/lib/luci/var/certs/https.pem'
+HTTPS_PRIVKEY='/var/lib/luci/var/certs/https.key.pem'
+
+KEY_LIFE_DAYS='1825'
+KEY_BITS='2048'
+
+STUNNEL_D='/usr/sbin/stunnel'
+STUNNEL_PID='/var/lib/luci/var/stunnel/pid'
+STUNNEL_CONF='/var/lib/luci/etc/stunnel.conf'
#
# Only root wants to run this...
@@ -53,186 +56,273 @@
https_certs_ok()
{
- if [ ! -e $HTTPS_PRIVKEY ] ; then
- return 1
- fi
- if [ ! -e $HTTPS_PUBKEY ] ; then
- return 2
- fi
- return 0
-}
+ if [ ! -f "$HTTPS_PRIVKEY" ]; then
+ return 1
+ fi
-generate_https_certs()
-{
- rm -f $HTTPS_PRIVKEY $HTTPS_PUBKEY
- echo -n "generating https SSL certificates... "
- /usr/bin/openssl genrsa -out $HTTPS_PRIVKEY 2048 > /dev/null 2>&1
- /usr/bin/openssl req -new -x509 -key $HTTPS_PRIVKEY -out $HTTPS_PUBKEY -days 1825 -config /var/lib/luci/var/certs/cacert.config
- /bin/chown $LUCI_USER:$LUCI_GROUP $HTTPS_PRIVKEY $HTTPS_PUBKEY
- /bin/chmod 600 $HTTPS_PRIVKEY
- /bin/chmod 644 $HTTPS_PUBKEY
- echo "done"
- return $?
+ if [ ! -f "$HTTPS_PUBKEY" ]; then
+ return 2
+ fi
+
+ return 0
}
-start()
+generate_https_certs()
{
- $LUCID >/dev/null 2>/dev/null &
-
- https_certs_ok
- if [ "1$?" != "10" ] ; then
- generate_https_certs
- fi
- sleep 4
- sed -e s,\\\(^accept.*=\ \\\)\\\(.*\\\),\\\1$LUCI_HTTPS_PORT, $STUNNEL_CONF | $STUNNEL_D -fd 0
- sleep 4
+ echo -n "Generating https SSL certificates... "
+ old_umask=`umask`
+ umask 077
+
+ rm -f "$HTTPS_PRIVKEY" "$HTTPS_PUBKEY"
+ /usr/bin/openssl genrsa -out "$HTTPS_PRIVKEY" "$KEY_BITS" >&/dev/null
+ /usr/bin/openssl req -new -x509 -key "$HTTPS_PRIVKEY" -out "$HTTPS_PUBKEY" -days "$KEY_LIFE_DAYS" -config /var/lib/luci/var/certs/cacert.config
+ /bin/chmod 600 "$HTTPS_PRIVKEY"
+ /bin/chmod 644 "$HTTPS_PUBKEY"
+ /bin/chown $LUCI_USER:$LUCI_GROUP "$HTTPS_PRIVKEY" "$HTTPS_PUBKEY"
+ ret=$?
+
+ umask $old_umask
+ echo "done"
+ return $ret
}
stop_luci()
{
- pid_num=`cat $PIDFILE`
- kill $pid_num
- sleep 2
+ pid_num=`cat $PIDFILE 2>/dev/null`
+ ret=$?
+ if [ $ret -eq 0 ]; then
+ kill $pid_num >& /dev/null
+ ret=$?
+ fi
+
+ if [ $ret -ne 0 ]; then
+ pkill -u "$LUCI_USER" python >&/dev/null
+ ret=$?
+ fi
+ return $ret
}
stop_stunnel()
{
- pid_num=`cat $STUNNEL_PID`
- kill $pid_num
- sleep 2
+ pid_num=`cat $STUNNEL_PID 2>/dev/null`
+ ret=$?
+ if [ $ret -eq 0 ]; then
+ kill $pid_num >& /dev/null
+ ret=$?
+ fi
+
+ if [ $ret -ne 0 ]; then
+ pkill -u "$LUCI_USER" stunnel >&/dev/null
+ ret=$?
+ fi
+ return $ret
}
stop()
{
- stop_luci
- stop_stunnel
+ stop_stunnel
+ if [ $? -ne 0 ]; then
+ errmsg='Failed to stop stunnel'
+ return 1
+ fi
+ stop_luci
+ if [ $? -ne 0 ]; then
+ errmsg='Failed to stop luci'
+ return 1
+ fi
+ return 0
}
-system_running()
+start()
{
- # luci
- LUCI_UP=1
- if [ -e $PIDFILE ] ; then
- pid_num=`cat $PIDFILE`
- res=`ps -Af | grep python | grep $LUCI_USER | grep $pid_num`
- if [ "1$res" != "1" ] ; then
- LUCI_UP=0
- fi
- fi
-
- # stunnel
- ST_UP=2
- if [ -e $STUNNEL_PID ] ; then
- pid_num=`cat $STUNNEL_PID`
- res=`ps -Af | grep stunnel | grep $LUCI_USER | grep $pid_num`
- if [ "1$res" != "1" ] ; then
- ST_UP=0
- fi
- fi
-
- # resolve
- let res=$LUCI_UP+$ST_UP
- if [ "1$res" = "10" ] ; then
+ https_certs_ok
+ if [ $? -ne 0 ]; then
+ generate_https_certs
+ if [ $? -ne 0 ]; then
+ errmsg='An error occurred while generating certificates'
+ return 1
+ fi
+ fi
+
+ $LUCID >&/dev/null &
+ sleep 4
+
+ sed -e s,\\\(^accept.*=\ \\\)\\\(.*\\\),\\\1$LUCI_HTTPS_PORT, $STUNNEL_CONF | $STUNNEL_D -fd 0
+ if [ $? -ne 0 ]; then
+ errmsg='An error occurred while starting stunnel'
+ stop_luci
+ return 1
+ fi
return 0
- fi
- if [ "1$res" = "11" ] ; then
- # only stunnel running -> stop it
- stop_stunnel
- fi
- if [ "1$res" = "12" ] ; then
- # only luci running -> stop it
- stop_luci
- fi
- return 1
}
+luci_running()
+{
+ LUCI_UP=1
+ pgrep -u "$LUCI_USER" python >&/dev/null
+ if [ $? -ne 0 ]; then
+ LUCI_UP=0
+ fi
+
+ if [ -f "$PIDFILE" ] && [ $LUCI_UP -eq 0 ]; then
+ # stale pidfile
+ rm -f "$PIDFILE" >& /dev/null
+ fi
+ return $LUCI_UP
+}
+
+stunnel_running()
+{
+ ST_UP=2
+ pgrep -u "$LUCI_USER" stunnel >&/dev/null
+ if [ $? -ne 0 ]; then
+ ST_UP=0
+ fi
+ if [ -f "$STUNNEL_PID" ] && [ $ST_UP -eq 0 ]; then
+ # stale pidfile
+ rm -f "$STUNNEL_PID"
+ fi
+ return $ST_UP
+}
+
+system_running()
+{
+ luci_running
+ LUCI_UP=$?
+
+ stunnel_running
+ STUNNEL_UP=$?
+
+ res=`echo $LUCI_UP $STUNNEL_UP + p | /usr/bin/dc`
+ if [ $res -eq 0 ]; then
+ # none up
+ return 0
+ elif [ $res -eq 3 ]; then
+ # both up
+ return 1
+ elif [ $res -eq 1 ]; then
+ # only luci up
+ stop_luci
+ if [ $? -ne 0 ]; then
+ errmsg='Only luci was running and it could not be stopped'
+ return 3
+ fi
+ elif [ $res -eq 2 ]; then
+ # only stunnel up
+ stop_stunnel
+ if [ $? -ne 0 ]; then
+ errmsg='Only stunnel was running and it could not be stopped'
+ return 4
+ fi
+ fi
+ return 0
+}
case $1 in
start)
- if ! /bin/grep True /var/lib/luci/.default_password_has_been_reset 2>&1 >/dev/null; then
- echo ""
- echo "luci's 'admin' password has to be changed before server is allowed to start"
- echo "To do so, execute (as root): "
- echo -e "\tluci_admin password"
- echo ""
- /usr/bin/logger -t $ID "startup failed (password not reset): execute 'luci_admin password'"
- exit 1
+ if ! /bin/grep True /var/lib/luci/.default_password_has_been_reset 2>&1 >/dev/null; then
+ echo ""
+ echo "The admin user password must be set before the luci can start"
+ echo "To do so, execute (as root): "
+ echo -e "\tluci_admin password\n"
+ /usr/bin/logger -t "$ID" "Luci startup failed: admin password not set (execute 'luci_admin password')"
+ exit 1
fi
-
+
echo -n "Starting $ID: "
system_running
- rtrn=$?
- if [ "1$rtrn" != "10" ] ; then
- start
+ ret=$?
+ if [ $ret -eq 0 ]; then
+ start
+ elif [ $ret -eq 1 ]; then
+ # already running
+ echo_success
+ echo
+ exit 0
+ elif [ $ret -gt 2 ]; then
+ # one of the two processes was running and couldn't be stopped.
+ /usr/bin/logger -t "$ID" "Luci startup failed: $errmsg"
+ exit 1
fi
+
system_running
- rtrn=$?
- if [ "1$rtrn" = "10" ] ; then
- echo_success
- cat $PIDFILE > $GLOB_PIDFILE
- touch $GLOB_LOCKFILE
- /usr/bin/logger -t $ID "startup succeeded"
- /usr/bin/logger -t $ID "Listening on port $LUCI_HTTPS_PORT; accessible using url $LUCI_URL"
- echo; echo
- echo "Please, point your web browser to $LUCI_URL to access luci"
- echo
+ if [ $? -eq 1 ]; then
+ echo_success
+ cat "$PIDFILE" > "$GLOB_PIDFILE"
+ touch "$GLOB_LOCKFILE"
+ /usr/bin/logger -t "$ID" "Luci startup succeeded"
+ /usr/bin/logger -t "$ID" "Listening on port $LUCI_HTTPS_PORT; accessible via URL $LUCI_URL"
+ echo; echo
+ echo "Point your web browser to $LUCI_URL to access luci"
+ echo
else
- echo_failure
- /usr/bin/logger -t $ID "startup failed"
- echo
+ echo_failure
+ /usr/bin/logger -t "$ID" "Luci startup failed $errmsg"
+ echo
fi
- ;;
+ ;;
- restart)
+ restart)
$0 stop
- $0 start
rtrn=$?
- ;;
-
- condrestart)
- system_running
+ if [ $rtrn -eq 0 ]; then
+ $0 start
+ rtrn=$?
+ fi
+ ;;
+
+ condrestart)
+ system_running
rtrn=$?
- if [ "1$rtrn" = "10" ] ; then
- $0 restart
- rtrn=$?
+ if [ $? -eq 1 ] ; then
+ $0 restart
+ rtrn=$?
fi
- ;;
+ ;;
status)
- system_running
- rtrn=$?
- if [ "1$rtrn" = "10" ] ; then
- echo "$ID is running..."
+ system_running
+ if [ $? -eq 1 ]; then
+ echo "$ID is running..."
+ rtrn=0
else
- echo "$ID is stopped"
+ echo "$ID is stopped"
+ rtrn=1
fi
- ;;
+ ;;
stop)
echo -n "Shutting down $ID: "
system_running
rtrn=$?
- if [ "1$rtrn" = "10" ] ; then
- stop
- /usr/bin/logger -t $ID "shutdown succeeded"
- fi
- echo_success
- rm -f $GLOB_PIDFILE
- rm -f $GLOB_LOCKFILE
- rtrn=0
- echo
- ;;
+ if [ $rtrn -eq 1 ]; then
+ stop
+ if [ $? -eq 0 ]; then
+ rm -f "$GLOB_PIDFILE"
+ rm -f "$GLOB_LOCKFILE"
+ /usr/bin/logger -t "$ID" "Luci shutdown succeeded"
+ rtrn=0
+ else
+ /usr/bin/logger -t "$ID" "Luci shutdown failed"
+ fi
+ fi
+ if [ $rtrn -eq 0 ]; then
+ echo_success
+ else
+ echo_failure
+ fi
+ echo
+ ;;
- reload)
- rtrn=0
- ;;
+ reload)
+ rtrn=0
+ ;;
*)
echo "Usage: $0 {start|stop|status|restart|condrestart|reload}"
rtrn=1
- ;;
-
+ ;;
esac
exit $rtrn
next reply other threads:[~2007-05-22 1:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-05-22 1:39 rmccabe [this message]
-- strict thread matches above, loose matches on Subject: below --
2010-02-04 23:36 [Cluster-devel] conga/luci/init.d luci rmccabe
2008-02-05 18:41 rmccabe
2008-02-05 18:31 rmccabe
2007-06-05 16:03 rmccabe
2007-03-15 16:52 rmccabe
2007-02-20 17:56 rmccabe
2006-11-02 0:23 kupcevic
2006-10-03 18:23 kupcevic
2006-09-26 0:22 kupcevic
2006-07-17 20:56 kupcevic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070522013951.30487.qmail@sourceware.org \
--to=rmccabe@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.