Subversion Repositories

?revision_form?Rev ?revision_input??revision_submit??revision_endform?

Rev 39 | Rev 59 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed

#!/bin/sh
#
# lsh-utils     Start/stop secure shell server.
#               Written by Timshel Knoll <timshel@debian.org>
#               Updated by Stefan Pfetzing <dreamind@dreamind.de>
#               Updated by Magnus Holmgren <magnus@debian.org>

### BEGIN INIT INFO
# Provides:          lsh-server
# Required-Start:    $local_fs $remote_fs $syslog $named $network
# Required-Stop:     $local_fs $remote_fs $syslog $named $network
# X-Start-Before:    cman drbd smokeping vz
# X-Stop-After:      cman drbd smokeping vz
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: lsh secure shell server
### END INIT INFO

PATH=/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/lshd
NAME=lshd
DESC="secure shell v2 server"
CONFIG=/etc/default/lsh-server
PIDFILE=/var/run/$NAME.pid

RANDOM_SEED="/var/spool/lsh/yarrow-seed-file"
HOST_KEY="/etc/lsh_host_key"

test -f $DAEMON || exit 0

. /lib/lsb/init-functions

set +e

if [ -r "$CONFIG" ]; then
   . "$CONFIG"
fi

if [ x"$LSHD_PORT" = x ]; then
   LSHD_PORT="22"
fi

case "$ENABLE_SFTP" in
  true|y*|Y*)
    SFTP_FLAG="--subsystems sftp=/usr/lib/lsh-server/sftp-server"
    ;;
  *)
    SFTP_FLAG=""
    ;;
esac

create_seed_and_key() {
   if [ ! -f "$RANDOM_SEED" ]; then
      log_action_begin_msg "Creating lsh random seed file (this only needs to be done once)"
      DIR=$(dirname "$RANDOM_SEED")
      if install -d -m 700 "$DIR" &&
          dd if=/dev/random "of=$RANDOM_SEED" bs=1 count=32 2>/dev/null &&
          chmod 600 "$RANDOM_SEED"; then
          log_action_end_msg 0
      else
          log_action_end_msg 1
          exit 1
      fi
   fi

   if [ ! -f "$HOST_KEY" ]; then
      log_action_begin_msg "Creating lsh host key (this only needs to be done once)"
      lsh-keygen --server | lsh-writekey --server --output-file "$HOST_KEY"

      if [ ! -f "$HOST_KEY" ]; then
         log_action_end_msg 1
         exit 1
      fi
     
      log_action_end_msg 0
   fi
}


case "$1" in
  start)
        create_seed_and_key
        [ "$VERBOSE" = no ] || log_daemon_msg "Starting $DESC" "$NAME"
        start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON \
                          -- --daemonic --port "$LSHD_PORT" $SFTP_FLAG
        ret=$?
        [ "$VERBOSE" = no ] || log_end_msg $ret
        ;;
  stop|graceful-stop)
        [ "$VERBOSE" = no ] || log_daemon_msg "Gracefully stopping $DESC" "$NAME"
        # Signal 1 causes the "old" lsh to close up shop on its port, but
        # keeps running until all active connections have been closed
        start-stop-daemon --stop --retry HUP/1 --quiet --pidfile $PIDFILE \
            --oknodo --exec $DAEMON
        ret=$?
        [ "$VERBOSE" = no ] || log_end_msg $ret
        ;;
  restart|force-reload)
        create_seed_and_key
        [ "$VERBOSE" = no ] || log_daemon_msg "Restarting $DESC" "$NAME"
        start-stop-daemon --stop --retry HUP/1 --quiet --pidfile $PIDFILE \
            --oknodo --exec $DAEMON &&
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON \
                       -- --daemonic --port "$LSHD_PORT" $SFTP_FLAG
        ret=$?
        [ "$VERBOSE" = no ] || log_end_msg $ret
        ;;
  status)
        status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
        ;;
  *)
        echo "Usage: /etc/init.d/lsh-utils {start|stop|restart|force-reload}" >&2
        exit 3
        ;;
esac