From c9731b9b3ee43c4c8d82c31009a5870a01d3acfa Mon Sep 17 00:00:00 2001 From: Adam Chlipala Date: Mon, 12 Feb 2007 03:09:02 +0000 Subject: [PATCH] init.d script for domtool-slave --- Makefile | 3 ++ scripts/domtool-server | 1 - scripts/domtool-slave | 55 ++++++++++++++++++++++++++++++++ scripts/domtool-slave-logged | 1 + src/main-admin.sml | 2 ++ src/main.sig | 3 ++ src/main.sml | 62 ++++++++++++++++++++++++++++++------ 7 files changed, 117 insertions(+), 10 deletions(-) create mode 100755 scripts/domtool-slave create mode 100755 scripts/domtool-slave-logged diff --git a/Makefile b/Makefile index 4fb0853..a509c0b 100644 --- a/Makefile +++ b/Makefile @@ -138,6 +138,9 @@ install: cp scripts/domtool-rmuser /usr/local/bin/ cp scripts/domtool-admin-sudo /usr/local/bin/ cp scripts/domtool-server-logged /usr/local/bin/ + cp scripts/domtool-slave-logged /usr/local/bin/ + cp scripts/domtool-server /etc/init.d/ + cp scripts/domtool-slave /etc/init.d/ cp openssl/openssl_sml.so /usr/local/lib/ -cp bin/domtool-server /usr/local/sbin/ -cp bin/domtool-slave /usr/local/sbin/ diff --git a/scripts/domtool-server b/scripts/domtool-server index 6d45215..c0364e7 100755 --- a/scripts/domtool-server +++ b/scripts/domtool-server @@ -9,7 +9,6 @@ set -e case $1 in start) - # Start daemon echo -n "Starting Domtool dispatcher: domtool-server" if sudo -u domtool domtool-admin-sudo ping; then echo "...already running." diff --git a/scripts/domtool-slave b/scripts/domtool-slave new file mode 100755 index 0000000..3611598 --- /dev/null +++ b/scripts/domtool-slave 
@@ -0,0 +1,55 @@
+#!/usr/bin/pagsh.openafs
+
+# This script should go in /etc/init.d/ on Debian Linux systems running Domtool slaves.
+
+SELF=$(cd $(dirname $0); pwd -P)/$(basename $0)
+PIDFILE="/var/run/k5start-domtool-slave.pid"
+
+set -e
+
+case $1 in
+ start)
+ echo -n "Starting Domtool slave: domtool-slave"
+ if sudo -u domtool domtool-admin-sudo slave-ping; then
+ echo "...already running."
+ else
+ start-stop-daemon --start --pidfile $PIDFILE \
+ -c domtool:domtool \
+ --exec /usr/bin/k5start -- -b -f /etc/keytabs/domtool.keytab \
+ -K 300 -t -p $PIDFILE \
+ domtool/deleuze.hcoop.net \
+ domtool-slave-logged
+ echo "."
+ fi
+ ;;
+
+ stop)
+ echo -n "Stopping Domtool slave: domtool-slave"
+ if sudo -u domtool domtool-admin-sudo slave-shutdown; then
+ echo "."
+ else
+ start-stop-daemon --stop --pidfile $PIDFILE
+ echo "."
+ fi
+ rm -f $PIDFILE
+ ;;
+
+ restart|reload|force-reload)
+ $SELF stop
+ $SELF start
+ ;;
+
+ status)
+ if sudo -u domtool domtool-admin-sudo slave-ping; then
+ echo "Domtool slave is running."
+ else
+ echo "Domtool slave is stopped."
+ exit 3
+ fi
+ ;;
+
+ *)
+ echo "Usage: $SELF start|stop|restart|reload|force-reload|status"
+ exit 1
+ ;;
+esac
diff --git a/scripts/domtool-slave-logged b/scripts/domtool-slave-logged
new file mode 100755
index 0000000..c892bdf
--- /dev/null
+++ b/scripts/domtool-slave-logged
@@ -0,0 +1 @@
+domtool-slave >>/var/log/domtool.log 2>>/var/log/domtool.log
diff --git a/src/main-admin.sml b/src/main-admin.sml
index ef59a22..a07c277 100644
--- a/src/main-admin.sml
+++ b/src/main-admin.sml
@@ -46,4 +46,6 @@ val _ =
 | ["regen"] => Main.requestRegen ()
 | ["rmuser", user] => Main.requestRmuser user
 | ["ping"] => OS.Process.exit (Main.requestPing ())
+ | ["slave-shutdown"] => Main.requestSlaveShutdown ()
+ | ["slave-ping"] => OS.Process.exit (Main.requestSlavePing ())
 | _ => print "Invalid command-line arguments\n"
diff --git a/src/main.sig b/src/main.sig
index 63f24e5..6c00df4 100644
--- a/src/main.sig
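Review bot: In the `stop)` branch of scripts/domtool-slave, the fallback `start-stop-daemon --stop --pidfile $PIDFILE` runs under `set -e`, so when no matching process exists its non-zero exit ends the script before `rm -f $PIDFILE`, and `restart` then never reaches `$SELF start`. Making the fallback tolerant keeps stop idempotent: `start-stop-daemon --stop --oknodo --pidfile $PIDFILE`. The Kerberos principal `domtool/deleuze.hcoop.net` is also fixed to one host even though `make install` copies this script to every machine; reading it from a defaults file or deriving it from the local hostname would avoid a slave starting with another host's identity or failing to authenticate. The expansions `$1`, `$PIDFILE` and `$SELF` are unquoted and would be safer as `"$1"`, `"$PIDFILE"` and `"$SELF"`.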
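Review bot: scripts/domtool-slave-logged has no interpreter line and does not `exec` the daemon, so a wrapper shell stays between k5start and domtool-slave for the life of the service. Whether a signal sent to that wrapper reaches the daemon depends on how k5start handles its child, which is not visible here, so the `start-stop-daemon --stop` fallback may leave domtool-slave running. Proposed content: `#!/bin/sh` followed by `exec domtool-slave >>/var/log/domtool.log 2>&1`. A comment noting that the slave appends to the same `/var/log/domtool.log` path, which must be writable by the `domtool` user, would help whoever sets up log rotation and permissions.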
+++ b/src/main.sig @@ -44,6 +44,9 @@ signature MAIN = sig val requestRegen : unit -> unit val requestRmuser : string -> unit + val requestSlavePing : unit -> OS.Process.status + val requestSlaveShutdown : unit -> unit + val service : unit -> unit val slave : unit -> unit diff --git a/src/main.sml b/src/main.sml index cb39416..29d2b37 100644 --- a/src/main.sml +++ b/src/main.sml @@ -167,6 +167,9 @@ fun eval' fname = val dispatcher = Config.dispatcher ^ ":" ^ Int.toString Config.dispatcherPort +val self = + "localhost:" ^ Int.toString Config.slavePort + fun requestContext f = let val uid = Posix.ProcEnv.getuid () @@ -191,6 +194,13 @@ fun requestBio f = (user, OpenSSL.connect (context, dispatcher)) end +fun requestSlaveBio () = + let + val (user, context) = requestContext (fn () => ()) + in + (user, OpenSSL.connect (context, self)) + end + fun request fname = let val (user, bio) = requestBio (fn () => ignore (check fname)) @@ -299,6 +309,30 @@ fun requestShutdown () = OpenSSL.close bio end +fun requestSlavePing () = + let + val (_, bio) = requestSlaveBio () + in + OpenSSL.close bio; + OS.Process.success + end + handle _ => OS.Process.failure + +fun requestSlaveShutdown () = + let + val (_, bio) = requestSlaveBio () + in + Msg.send (bio, MsgShutdown); + case Msg.recv bio of + NONE => print "Server closed connection unexpectedly.\n" + | SOME m => + case m of + MsgOk => print "Shutdown begun.\n" + | MsgError s => print ("Shutdown failed: " ^ s ^ "\n") + | _ => print "Unexpected server reply.\n"; + OpenSSL.close bio + end + fun requestGrant acl = let val (user, bio) = requestBio (fn () => ()) @@ -650,6 +684,8 @@ fun rmuser user = Domain.rmdom doms end +fun now () = Date.toString (Date.fromTimeUniv (Time.now ())) + fun service () = let val () = Acl.read Config.aclFile 
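Review bot: `requestSlaveShutdown` (third src/main.sml hunk) waits for a `MsgOk` reply, but the slave-side branch added in the last hunk of this file closes the connection on `SOME MsgShutdown` without sending anything. A successful shutdown will therefore print "Server closed connection unexpectedly." or raise from `Msg.recv`, and the init script cannot tell success from failure. Either reply before closing on the slave, `Msg.send (bio, MsgOk);` ahead of `OpenSSL.close bio`, or drop the `Msg.recv` on the client. In `requestSlavePing`, `handle _ => OS.Process.failure` hides every exception, including certificate or configuration errors from `requestContext`; narrowing it to `handle OpenSSL.OpenSSL _ => OS.Process.failure` would keep those visible instead of reporting "stopped".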
@@ -667,7 +703,7 @@ fun service () = | SOME bio => let val user = OpenSSL.peerCN bio - val () = print ("\nConnection from " ^ user ^ " at " ^ Date.toString (Date.fromTimeUniv (Time.now ())) ^ "\n") + val () = print ("\nConnection from " ^ user ^ " at " ^ now () ^ "\n") val () = Domain.setUser user fun doIt f cleanup = @@ -756,7 +792,7 @@ fun service () = | MsgShutdown => if Acl.query {user = user, class = "priv", value = "all"} orelse Acl.query {user = user, class = "priv", value = "shutdown"} then - print ("Domtool dispatcher shutting down at " ^ Date.toString (Date.fromTimeUniv (Time.now ())) ^ "\n\n") + print ("Domtool dispatcher shutting down at " ^ now () ^ "\n\n") else (print "Unauthorized shutdown command!\n"; OpenSSL.close bio @@ -1011,7 +1047,7 @@ fun service () = handle OpenSSL.OpenSSL _ => (); loop ()) in - print ("Domtool dispatcher starting up at " ^ Date.toString (Date.fromTimeUniv (Time.now ())) ^ "\n"); + print ("Domtool dispatcher starting up at " ^ now () ^ "\n"); print "Listening for connections....\n"; loop (); OpenSSL.shutdown sock @@ -1027,19 +1063,17 @@ fun slave () = val sock = OpenSSL.listen (context, Config.slavePort) + val _ = print ("Slave server starting at " ^ now () ^ "\n") + fun loop () = case OpenSSL.accept sock of NONE => () | SOME bio => let val peer = OpenSSL.peerCN bio - val () = print ("\nConnection from " ^ peer ^ "\n") + val () = print ("\nConnection from " ^ peer ^ " at " ^ now () ^ "\n") in - if peer <> Config.dispatcherName then - (print "Not authorized!\n"; - OpenSSL.close bio; - loop ()) - else let + if peer = Config.dispatcherName then let fun loop' files = case Msg.recv bio of NONE => print "Dispatcher closed connection unexpectedly\n" 
@@ -1058,6 +1092,16 @@ fun slave () = OpenSSL.close bio; loop () end + else if peer = "domtool" then + case Msg.recv bio of + SOME MsgShutdown => (OpenSSL.close bio; + print ("Shutting down at " ^ now () ^ "\n\n")) + | _ => (OpenSSL.close bio; + loop ()) + else + (print "Not authorized!\n"; + OpenSSL.close bio; + loop ()) end handle OpenSSL.OpenSSL s => (print ("OpenSSL error: "^ s ^ "\n"); OpenSSL.close bio -- 2.20.1
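Review bot: The new `else if peer = "domtool" then` branch authorises slave shutdown purely on a hard-coded certificate CN, whereas the dispatcher's `MsgShutdown` handler goes through `Acl.query {user = user, class = "priv", value = "shutdown"}`. If the slave port is reachable from other machines (the listen address is not visible in this hunk), any accepted certificate carrying that CN can stop the slave, so the trusted name should come from configuration, e.g. `peer = Config.<slaveAdminName>` (placeholder, no such field is shown on this page), or the port should be bound to loopback only. The `| _ =>` arm also closes the connection silently; logging it, for example `print ("Unexpected message from " ^ peer ^ " at " ^ now () ^ "\n")`, would leave a trace of rejected or malformed admin requests. The enclosing `slave ()` function starts and ends outside this hunk.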