ipsec and starter exit with LSB-compliant return codes
This commit is contained in:
parent
a349dc58f1
commit
0b72091970
|
@ -97,26 +97,36 @@ down)
|
|||
if [ "$#" -ne 1 ]
|
||||
then
|
||||
echo "Usage: ipsec down <connection name>"
|
||||
exit 1
|
||||
exit 2
|
||||
fi
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
rc=7
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK --name "$1" --terminate
|
||||
rc="$?"
|
||||
fi
|
||||
if test -e $IPSEC_CHARON_PID
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE down "$1"
|
||||
rc="$?"
|
||||
fi
|
||||
exit 0
|
||||
exit "$rc"
|
||||
;;
|
||||
listalgs|listpubkeys|\listcards|\rereadgroups)
|
||||
op="$1"
|
||||
shift
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK "$@" "--$op"
|
||||
exit "$?"
|
||||
else
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
exit 3
|
||||
else
|
||||
exit 7
|
||||
fi
|
||||
fi
|
||||
exit 0
|
||||
;;
|
||||
listcerts|listcacerts|listaacerts|\
|
||||
listacerts|listgroups|listocspcerts|\
|
||||
|
@ -125,32 +135,39 @@ rereadsecrets|rereadcacerts|rereadaacerts|\
|
|||
rereadacerts|rereadocspcerts|rereadcrls|\
|
||||
rereadall|purgeocsp)
|
||||
op="$1"
|
||||
rc=7
|
||||
shift
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK "$@" "--$op"
|
||||
rc="$?"
|
||||
fi
|
||||
if test -e $IPSEC_CHARON_PID
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE "$op" "$@"
|
||||
rc="$?"
|
||||
fi
|
||||
exit 0
|
||||
exit "$rc"
|
||||
;;
|
||||
ready)
|
||||
shift
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK --listen
|
||||
exit 0
|
||||
else
|
||||
exit 7
|
||||
fi
|
||||
exit 0
|
||||
;;
|
||||
reload)
|
||||
if test -e $IPSEC_STARTER_PID
|
||||
if [ -e $IPSEC_STARTER_PID ]
|
||||
then
|
||||
echo "Reloading strongSwan IPsec configuration..." >&2
|
||||
kill -s USR1 `cat $IPSEC_STARTER_PID`
|
||||
echo "Reloading strongSwan IPsec configuration..." >&2
|
||||
kill -s USR1 `cat $IPSEC_STARTER_PID`
|
||||
exit 0
|
||||
else
|
||||
echo "ipsec starter is not running" >&2
|
||||
echo "ipsec starter is not running" >&2
|
||||
exit 7
|
||||
fi
|
||||
exit 0
|
||||
;;
|
||||
|
@ -163,37 +180,49 @@ restart)
|
|||
;;
|
||||
route|unroute)
|
||||
op="$1"
|
||||
rc=7
|
||||
shift
|
||||
if [ "$#" -ne 1 ]
|
||||
then
|
||||
echo "Usage: ipsec $op <connection name>"
|
||||
exit 1
|
||||
echo "Usage: ipsec $op <connection name>"
|
||||
exit 2
|
||||
fi
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK --name "$1" "--$op"
|
||||
rc="$?"
|
||||
fi
|
||||
if test -e $IPSEC_CHARON_PID
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE "$op" "$1"
|
||||
rc="$?"
|
||||
fi
|
||||
exit 0
|
||||
exit "$rc"
|
||||
;;
|
||||
scencrypt|scdecrypt)
|
||||
op="$1"
|
||||
shift
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK "--$op" "$@"
|
||||
exit "$?"
|
||||
else
|
||||
exit 7
|
||||
fi
|
||||
exit 0
|
||||
;;
|
||||
secrets)
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
rc=7
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK --rereadsecrets
|
||||
rc="$?"
|
||||
fi
|
||||
exit 0
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE rereadsecrets
|
||||
rc="$?"
|
||||
fi
|
||||
exit "$rc"
|
||||
;;
|
||||
start)
|
||||
shift
|
||||
|
@ -201,65 +230,75 @@ start)
|
|||
;;
|
||||
status|statusall)
|
||||
op="$1"
|
||||
rc=7
|
||||
shift
|
||||
if test $# -eq 0
|
||||
if [ $# -eq 0 ]
|
||||
then
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK "--$op"
|
||||
rc="$?"
|
||||
fi
|
||||
if test -e $IPSEC_CHARON_PID
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE "$op"
|
||||
rc="$?"
|
||||
fi
|
||||
else
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK --name "$1" "--$op"
|
||||
rc="$?"
|
||||
fi
|
||||
if test -e $IPSEC_CHARON_PID
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE "$op" "$1"
|
||||
rc="$?"
|
||||
fi
|
||||
fi
|
||||
exit 0
|
||||
exit "$rc"
|
||||
;;
|
||||
stop)
|
||||
if test -e $IPSEC_STARTER_PID
|
||||
if [ -e $IPSEC_STARTER_PID ]
|
||||
then
|
||||
echo "Stopping strongSwan IPsec..." >&2
|
||||
kill `cat $IPSEC_STARTER_PID`
|
||||
echo "Stopping strongSwan IPsec..." >&2
|
||||
kill `cat $IPSEC_STARTER_PID`
|
||||
exit 0
|
||||
else
|
||||
echo "ipsec starter is not running" >&2
|
||||
echo "ipsec starter is not running" >&2
|
||||
exit 7
|
||||
fi
|
||||
exit 0
|
||||
;;
|
||||
up)
|
||||
shift
|
||||
if [ "$#" -ne 1 ]
|
||||
then
|
||||
echo "Usage: ipsec up <connection name>"
|
||||
exit 1
|
||||
exit 2
|
||||
fi
|
||||
if test -e $IPSEC_PLUTO_PID
|
||||
rc=7
|
||||
if [ -e $IPSEC_PLUTO_PID ]
|
||||
then
|
||||
$IPSEC_WHACK --name "$1" --initiate
|
||||
rc="$?"
|
||||
fi
|
||||
if test -e $IPSEC_CHARON_PID
|
||||
if [ -e $IPSEC_CHARON_PID ]
|
||||
then
|
||||
$IPSEC_STROKE up "$1"
|
||||
$IPSEC_STROKE up "$1"
|
||||
rc="$?"
|
||||
fi
|
||||
exit 0
|
||||
exit "$rc"
|
||||
;;
|
||||
update)
|
||||
if test -e $IPSEC_STARTER_PID
|
||||
if [ -e $IPSEC_STARTER_PID ]
|
||||
then
|
||||
echo "Updating strongSwan IPsec configuration..." >&2
|
||||
kill -s HUP `cat $IPSEC_STARTER_PID`
|
||||
exit 0
|
||||
else
|
||||
echo "ipsec starter is not running" >&2
|
||||
exit 7
|
||||
fi
|
||||
exit 0
|
||||
;;
|
||||
version|--version)
|
||||
echo "Linux $IPSEC_NAME $IPSEC_VERSION"
|
||||
|
@ -269,7 +308,7 @@ version|--version)
|
|||
;;
|
||||
--*)
|
||||
echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
|
||||
exit 1
|
||||
exit 2
|
||||
;;
|
||||
esac
|
||||
|
||||
|
@ -278,13 +317,13 @@ shift
|
|||
|
||||
path="$IPSEC_DIR/$cmd"
|
||||
|
||||
if test ! -x "$path"
|
||||
if [ ! -x "$path" ]
|
||||
then
|
||||
path="$IPSEC_DIR/$cmd"
|
||||
if test ! -x "$path"
|
||||
if [ ! -x "$path" ]
|
||||
then
|
||||
echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
|
||||
exit 1
|
||||
exit 2
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -43,6 +43,19 @@
|
|||
#include "cmp.h"
|
||||
#include "interfaces.h"
|
||||
|
||||
/**
|
||||
* Return codes defined by Linux Standard Base Core Specification 3.1
|
||||
* in section 20.2. Init Script Actions
|
||||
*/
|
||||
#define LSB_RC_SUCCESS 0 /* success */
|
||||
#define LSB_RC_FAILURE 1 /* generic or unspecified error */
|
||||
#define LSB_RC_INVALID_ARGUMENT 2 /* invalid or excess argument(s) */
|
||||
#define LSB_RC_NOT_IMPLEMENTED 3 /* unimplemented feature (reload) */
|
||||
#define LSB_RC_NOT_ALLOWED 4 /* user had insufficient privilege */
|
||||
#define LSB_RC_NOT_INSTALLED 5 /* program is not installed */
|
||||
#define LSB_RC_NOT_CONFIGURED 6 /* program is not configured */
|
||||
#define LSB_RC_NOT_RUNNING 7 /* program is not running */
|
||||
|
||||
#define FLAG_ACTION_START_PLUTO 0x01
|
||||
#define FLAG_ACTION_UPDATE 0x02
|
||||
#define FLAG_ACTION_RELOAD 0x04
|
||||
|
@ -131,7 +144,7 @@ usage(char *name)
|
|||
{
|
||||
fprintf(stderr, "Usage: starter [--nofork] [--auto-update <sec>] "
|
||||
"[--debug|--debug-more|--debug-all]\n");
|
||||
exit(1);
|
||||
exit(LSB_RC_INVALID_ARGUMENT);
|
||||
}
|
||||
|
||||
int main (int argc, char **argv)
|
||||
|
@ -205,7 +218,7 @@ int main (int argc, char **argv)
|
|||
if (getuid() != 0)
|
||||
{
|
||||
plog("permission denied (must be superuser)");
|
||||
exit(1);
|
||||
exit(LSB_RC_NOT_ALLOWED);
|
||||
}
|
||||
|
||||
if (stat(PLUTO_PID_FILE, &stb) == 0)
|
||||
|
@ -227,13 +240,13 @@ int main (int argc, char **argv)
|
|||
if (stat(DEV_RANDOM, &stb) != 0)
|
||||
{
|
||||
plog("unable to start strongSwan IPsec -- no %s!", DEV_RANDOM);
|
||||
exit(1);
|
||||
exit(LSB_RC_FAILURE);
|
||||
}
|
||||
|
||||
if (stat(DEV_URANDOM, &stb)!= 0)
|
||||
{
|
||||
plog("unable to start strongSwan IPsec -- no %s!", DEV_URANDOM);
|
||||
exit(1);
|
||||
exit(LSB_RC_FAILURE);
|
||||
}
|
||||
|
||||
cfg = confread_load(CONFIG_FILE);
|
||||
|
@ -244,14 +257,14 @@ int main (int argc, char **argv)
|
|||
{
|
||||
confread_free(cfg);
|
||||
}
|
||||
exit(1);
|
||||
exit(LSB_RC_INVALID_ARGUMENT);
|
||||
}
|
||||
|
||||
/* determine if we have a native netkey IPsec stack */
|
||||
if (!starter_netkey_init())
|
||||
{
|
||||
plog("no netkey IPSec stack detected");
|
||||
exit(1);
|
||||
exit(LSB_RC_FAILURE);
|
||||
}
|
||||
|
||||
last_reload = time(NULL);
|
||||
|
@ -259,7 +272,7 @@ int main (int argc, char **argv)
|
|||
if (stat(STARTER_PID_FILE, &stb) == 0)
|
||||
{
|
||||
plog("starter is already running (%s exists) -- no fork done", STARTER_PID_FILE);
|
||||
exit(0);
|
||||
exit(LSB_RC_SUCCESS);
|
||||
}
|
||||
|
||||
/* fork if we're not debugging stuff */
|
||||
|
@ -287,7 +300,7 @@ int main (int argc, char **argv)
|
|||
plog("can't fork: %s", strerror(errno));
|
||||
break;
|
||||
default:
|
||||
exit(0);
|
||||
exit(LSB_RC_SUCCESS);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -322,7 +335,7 @@ int main (int argc, char **argv)
|
|||
#endif /* LEAK_DETECTIVE */
|
||||
close_log();
|
||||
plog("ipsec starter stopped");
|
||||
exit(0);
|
||||
exit(LSB_RC_SUCCESS);
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -643,7 +656,6 @@ int main (int argc, char **argv)
|
|||
_action_ |= FLAG_ACTION_UPDATE;
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
exit(LSB_RC_SUCCESS);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue