dhcp/dhcpd.script

430 lines
13 KiB
Plaintext
Raw Normal View History

#! /bin/bash
# Copyright (c) 1996, 1997, 1998 S.u.S.E. GmbH
# Copyright (c) 1998, 1999, 2000, 2001 SuSE GmbH
# Copyright (c) 2002, 2003 SuSE Linux AG
# Copyright (c) 2004-2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, see <http://www.gnu.org/licenses/>.
#
# Author: Rolf Haberrecker <rolf@suse.de>, 1997-1999
# Peter Poeml <poeml@suse.de>, 2000-2006
# Marius Tomaschewski <mt@suse.de>, 2006-2010
#
# /usr/lib/dhcp/dhcpd helper script, fromer /etc/init.d/dhcpd init script.
#
###
test -s /etc/sysconfig/dhcpd && . /etc/sysconfig/dhcpd
SUPPORTS_CHROOT="yes"
SUPPORTS_RUN_AS="yes"
SUPPORTS_HUP="no"
# note: $DAEMON_PIDFILE is a symlink to the
# $DAEMON_STATE$DAEMON_PIDFILE (also
# while DHCPD_RUN_CHROOTED=no) now,
# as DHCPD_RUN_AS is not allowed to
# create pid files in /run.
DHCPv_OPT=$1 ; shift
case $DHCPv_OPT in
-4)
DAEMON='ISC DHCPv4 Server'
DAEMON_BIN=/usr/sbin/dhcpd
DAEMON_CONF=/etc/dhcpd.conf
DAEMON_STATE=/var/lib/dhcp
DAEMON_LEASES=dhcpd.leases
DAEMON_PIDFILE=/run/dhcpd.pid
STARTPROC_LOGFILE=/var/log/rc.dhcpd.log
LDAP_CONF=/etc/openldap/ldap.conf
test "$DHCPD_RUN_CHROOTED" = "yes" && \
CHROOT_PREFIX="$DAEMON_STATE" || CHROOT_PREFIX=''
DHCPD_CONF_INCLUDE_FILES=${DHCPD_CONF_INCLUDE_FILES:-/etc/dhcpd.d}
;;
-6)
DAEMON='ISC DHCPv6 Server'
DAEMON_BIN=/usr/sbin/dhcpd
DAEMON_CONF=/etc/dhcpd6.conf
DAEMON_STATE=/var/lib/dhcp6
DAEMON_LEASES=dhcpd6.leases
DAEMON_PIDFILE=/run/dhcpd6.pid
STARTPROC_LOGFILE=/var/log/rc.dhcpd6.log
LDAP_CONF=""
test "$DHCPD6_RUN_CHROOTED" = "yes" && \
CHROOT_PREFIX="$DAEMON_STATE" || CHROOT_PREFIX=''
DHCPD_RUN_AS=$DHCPD6_RUN_AS
DHCPD_INTERFACE=$DHCPD6_INTERFACE
DHCPD_OTHER_ARGS=$DHCPD6_OTHER_ARGS
DHCPD_CONF_INCLUDE_FILES=${DHCPD6_CONF_INCLUDE_FILES:-/etc/dhcpd6.d}
;;
*)
echo >&2 "Usage: $0 <-4|-6> <action>"
exit 2
;;
esac
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - insufficient privilege
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
#
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signalling is not supported) are
# considered a success.
if ! [ -x "$DAEMON_BIN" ]; then
case $1 in
stop) ;;
*) echo -n >&2 "\"$DAEMON_BIN\" is not an executable file. Exiting."
case $1 in
status) exit 4 ;;
*) exit 5 ;;
esac
;;
esac
exit
fi
if ! [ -r "$DAEMON_CONF" ] ; then
case $1 in
stop|status)
if test ! -s /etc/sysconfig/dhcpd ; then
test -e $DAEMON_STATE/$DAEMON_PIDFILE && \
CHROOT_PREFIX="$DAEMON_STATE" || CHROOT_PREFIX=''
fi
;;
*)
echo -n >&2 "\"$DAEMON_CONF\" config file missed. Exiting."
exit 6
;;
esac
fi
# remove empty pid files to avoid disturbing warnings by checkproc/killproc
# (these can occur if dhcpd does not start correctly)
test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE
test -e $DAEMON_STATE/$DAEMON_PIDFILE && ! test -s $DAEMON_STATE/$DAEMON_PIDFILE && rm $DAEMON_STATE/$DAEMON_PIDFILE
case "$1" in
start)
echo -n "Starting $DAEMON "
## If there is no conf file, skip starting of dhcpd
## and return with "program not configured"
if ! [ -f $DAEMON_CONF ]; then
echo -n "... no configuration file found";
# service is not configured
exit 6;
fi
## If the interfaces are not set, skip starting of dhcpd
## and return with "program not configured"
if [ -z "$DHCPD_INTERFACE" ]; then
var="DHCPD_INTERFACE"
case $DHCPv_OPT in -6) var=DHCPD6_INTERFACE ;; esac
echo -n "... set $var in /etc/sysconfig/dhcpd"
# service is not configured
exit 6;
fi
if [ "$DHCPD_INTERFACE" = "ANY" ]; then
DHCPD_INTERFACE=""
fi
jail=${CHROOT_PREFIX:-${DAEMON_STATE}}; leases=$DAEMON_LEASES
if ! [ -e $jail/db/$leases ]; then
# until 9.0, the lease file was in /var/lib/dhcp and part of the package
if test -e $jail/$leases -a '!' -L $jail/$leases; then
# this is the case where the %post script runs _before_ the old package is
# removed (i.e., dhcpd.leases has not renamed to .rpmsave yet)
mv $jail/$leases $jail/db/$leases && \
ln -s db/$leases $jail/
elif test -e $jail/$leases.rpmsave; then
# this is what's left when the package is already gone.
mv $jail/$leases.rpmsave $jail/db/$leases && \
ln -s db/$leases $jail/
else
# fresh installation:
# a lease file must be present. the server won't start without
touch $jail/db/$leases
fi
fi
if test "$DHCPD_RUN_CHROOTED" = "yes" ; then
## copy the conf file to the chroot jail (dhcpd has to be restarted anyway,
## when it has changed) and change path to leases file
for i in $DAEMON_CONF $DHCPD_CONF_INCLUDE_FILES $LDAP_CONF /etc /dev; do
if test -d "${i}" ; then
test -d "$CHROOT_PREFIX/${i}" || \
mkdir -p "$CHROOT_PREFIX/${i}"
elif test -e "${i}" ; then
test -d "$CHROOT_PREFIX/${i%/*}" || \
mkdir -p "$CHROOT_PREFIX/${i%/*}"
fi
done
rm -f $CHROOT_PREFIX/dev/urandom
for i in $DAEMON_CONF $DHCPD_CONF_INCLUDE_FILES $LDAP_CONF /etc/{gai.conf,nsswitch.conf,resolv.conf,host.conf,hosts,localtime,bindresvport.blacklist} /dev/urandom; do
if ! test -e "$i"; then continue; fi # neither of them is absolutely necessary
cp -aL "$i" "${CHROOT_PREFIX}/${i%/*}/" &>/dev/null \
|| { echo "...$0:$LINENO: could not copy $i to chroot jail"; exit 6; }
done
libdir=@LIBDIR@
if test -x /usr/bin/ldd ; then
get_ldd_deps()
{
ldd_wl="\/${libdir}\/lib"
ldd_bl="\/${libdir}\/libc\."
/usr/bin/ldd "$1" | \
while read -sr a b c d ; do
[ -n "$c" ] || continue
[[ $c =~ $ldd_wl ]] || continue
[[ $c =~ $ldd_bl ]] && continue
echo $c
done
}
else
get_ldd_deps() { :; }
fi
cplibs=`for i in /$libdir/{libresolv.so.*,libnss_*.so.*} \
/$libdir/{libpthread.so.0,libdl.so.2,libgcc_s.so.*} ;
do
if [ -s "$i" ] ; then
echo "$i"
get_ldd_deps "$i"
fi
done | sort -u`
for i in $cplibs ; do
if [ -s "$i" ]; then
cp -pL "$i" "${CHROOT_PREFIX}/$libdir/" \
|| { echo "...$0:$LINENO: could not copy $i to chroot jail"; exit 6; }
fi
done
# mount /proc into the chroot; the server fails if unable to read /proc/net/{dev,if_inet6}
mkdir -p ${CHROOT_PREFIX}/proc
mount -t proc -o ro proc ${CHROOT_PREFIX}/proc 2>/dev/null
DHCPD_ARGS="-chroot $CHROOT_PREFIX -lf /db/$DAEMON_LEASES"
## If there is a pid file containing a pid, the machine might have crashed. pid files in
## /run are always cleaned up at boot time, but this is not the case for the pid file in
## the chroot jail. Therefore, and old pid file may exist. This is only a problem if it
## incidentally contains the pid of a running process. If this process is not a 'dhcpd',
## we remove the pid. (dhcpd itself only checks whether the pid is alive or not.)
if test -s $DAEMON_STATE/$DAEMON_PIDFILE; then
p=$(<$DAEMON_STATE/$DAEMON_PIDFILE)
if test -n "$p" && grep -qsE "^${DAEMON_BIN}" "/proc/$p/cmdline" ; then
echo -n '(already running) '
else
rm -f $DAEMON_STATE/$DAEMON_PIDFILE
fi
fi
PID_FILE_ARG="$DAEMON_PIDFILE"
else
DHCPD_ARGS="-lf ${DAEMON_STATE}/db/$DAEMON_LEASES"
PID_FILE_ARG="$DAEMON_STATE$DAEMON_PIDFILE"
fi
if [ -n "$DHCPD_RUN_AS" ]; then
DHCPD_RUN_AS_GROUP="$(getent group $(getent passwd $DHCPD_RUN_AS | cut -d: -f4) | cut -d: -f1)"
DHCPD_ARGS="$DHCPD_ARGS -user $DHCPD_RUN_AS -group $DHCPD_RUN_AS_GROUP"
chown "${DHCPD_RUN_AS}:${DHCPD_RUN_AS_GROUP}" \
"$DAEMON_STATE/${DAEMON_PIDFILE%/*}"
fi
## check syntax with -t (output to log file) and start only when the syntax is okay
rm -f $STARTPROC_LOGFILE # start log
error=0
if ! $DAEMON_BIN $DHCPv_OPT -t -cf $CHROOT_PREFIX/$DAEMON_CONF -pf $PID_FILE_ARG > $STARTPROC_LOGFILE 2>&1 ; then
error=1
else
## Start daemon. If this fails the return value is set appropriate.
## The init script should return 0, even if service is already running,
## to match the LSB spec.
test "$2" = "-v" && echo -en \
"\nexecuting '$DAEMON_BIN $DHCPv_OPT -cf $DAEMON_CONF -pf $PID_FILE_ARG $DHCPD_ARGS $DHCPD_OTHER_ARGS $DHCPD_INTERFACE'"
$DAEMON_BIN $DHCPv_OPT -cf $DAEMON_CONF -pf $PID_FILE_ARG $DHCPD_ARGS $DHCPD_OTHER_ARGS $DHCPD_INTERFACE &> $STARTPROC_LOGFILE
ret=$?
fi
if [ $error -gt 0 -o ${ret:-0} -gt 0 ]; then
## be verbose
echo ""
echo -n " please see $STARTPROC_LOGFILE for details "
## set status to failed
exit 1
else
ln -sf "$DAEMON_STATE$DAEMON_PIDFILE" "$DAEMON_PIDFILE"
[ "$DHCPD_RUN_CHROOTED" = "yes" ] && echo -n "[chroot]" || :
fi
;;
stop)
echo -n "Shutting down $DAEMON "
# Catch the case where daemon is running without chroot,
# but sysconfig/dhcp has been changed to use chroot (and
# another way around).
# In this case is there is no $chroot/$pidfile, but there
# should be a /pidfile that we use instead.
# We can not kill without pid file or dhcp4 kills dhcp6.
PID_FILE="$DAEMON_STATE$DAEMON_PIDFILE"
if test "$DHCPD_RUN_CHROOTED" = "yes" ; then
if test ! -s "$DAEMON_STATE$DAEMON_PIDFILE" -a \
-s "$DAEMON_PIDFILE" ; then
PID_FILE="$DAEMON_PIDFILE"
fi
else
if test ! -s "$DAEMON_PIDFILE" -a \
-s "$DAEMON_STATE$DAEMON_PIDFILE" ; then
PID_FILE="$DAEMON_STATE$DAEMON_PIDFILE"
fi
fi
## Stop daemon with killproc(8) and if this fails
## set echo the echo return value.
killproc -p "$PID_FILE" $DAEMON_BIN
ret=$?
# umount proc and remove libraries from the chroot jail,
# so they are not left over if the server is deinstalled
if [ "$DHCPD_RUN_CHROOTED" = yes -a -n "$CHROOT_PREFIX" ]; then
umount ${CHROOT_PREFIX}/proc 2>/dev/null
rm -f $CHROOT_PREFIX/lib*/*
fi
exit $ret
;;
try-restart)
## Do a restart only if the service was active before.
## Note: try-restart is now part of LSB (as of 1.9).
## RH has a similar command named condrestart.
$0 $DHCPv_OPT status
if test $? = 0; then
$0 $DHCPv_OPT restart
fi
;;
restart)
## Check syntax and when it is OK, stop the service
## and regardless of whether it was running or not,
## start it again.
if ! $0 $DHCPv_OPT check-syntax &>/dev/null ; then
echo -n "Syntax check reports errors, see log messages"
exit 1
else
$0 $DHCPv_OPT stop
sleep 3
$0 $DHCPv_OPT start
fi
;;
force-reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart.
if [ "$SUPPORTS_HUP" = "yes" ]; then
echo -n "Reload service $DAEMON"
killproc -p $DAEMON_STATE/$DAEMON_PIDFILE -HUP $DAEMON_BIN
#touch $DAEMON_STATE/$DAEMON_PIDFILE
elif ! $0 $DHCPv_OPT check-syntax &>/dev/null ; then
echo -n "Syntax check reports errors, see log messages"
exit 1
else
$0 $DHCPv_OPT stop && sleep 3 && $0 $DHCPv_OPT start
fi
;;
reload)
## Like force-reload, but if daemon does not support
## signalling, do nothing (!)
echo -n "Reload service $DAEMON"
if [ "$SUPPORTS_HUP" = "yes" ]; then
# If it supports signalling:
killproc -p $DAEMON_STATE/$DAEMON_PIDFILE -HUP $DAEMON_BIN
#touch $DAEMON_STATE/$DAEMON_PIDFILE
else
## Otherwise if it does not support reload:
exit 3
fi
;;
status)
echo -n "Checking for $DAEMON: "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
# NOTE: checkproc returns LSB compliant status values.
checkproc -p $DAEMON_STATE/$DAEMON_PIDFILE $DAEMON_BIN
;;
probe)
## Optional: Probe for the necessity of a reload,
## give out the argument which is required for a reload.
rc=0
for i in /etc/sysconfig/dhcpd $DAEMON_CONF $DHCPD_CONF_INCLUDE_FILES; do
test $i -nt $DAEMON_STATE/$DAEMON_PIDFILE && rc=1
done
test $rc = 1 && echo restart
;;
check-syntax|syntax-check)
echo -n "Checking syntax of $DAEMON_CONF: "
## this nice bit is from Edwin Groothuis:
## check syntax (quiet)
$DAEMON_BIN $DHCPv_OPT -q -t -cf $DAEMON_CONF
if [ $? -ne 0 ]; then
echo ""
## check syntax (verbose)
$DAEMON_BIN $DHCPv_OPT -t -cf $DAEMON_CONF
echo -ne '\nConfig is NOT okay'
exit 1
fi
;;
check-lease|check-lease-file)
echo -n "Checking lease file $DAEMON_LEASES: "
if [ -s ${DAEMON_STATE}/db/$DAEMON_LEASES ] ; then
## check leases file (quiet)
$DAEMON_BIN $DHCPv_OPT -q -T -cf /dev/null -lf ${DAEMON_STATE}/db/$DAEMON_LEASES
if [ $? -ne 0 ]; then
echo ""
## check leases file (verbose)
$DAEMON_BIN $DHCPv_OPT -T -cf $DAEMON_CONF -lf ${DAEMON_STATE}/db/$DAEMON_LEASES
echo -ne '\nLease file is NOT okay'
exit 1
fi
fi
;;
*)
SCRIPT="${SCRIPT:-${0##*/} $DHCPv_OPT}"
echo "Usage: $SCRIPT {start|stop|status|try-restart|restart|force-reload|reload|probe|check-syntax} [-v]"
exit 1
esac