[alpine-devel] [PATCH] Revised Init Script for PSAD (Port Scan Attack Detector)

IT Offshore
Details
Message ID
<1383328057-6243-1-git-send-email-developer@it-offshore.co.uk>
Sender timestamp
1383328057
DKIM signature
missing
Download raw message
Patch: +31 -197
Revised psad.initd / .confd to make use of OpenRC's runscript functions
& builtin messaging.

Updated checksums for APKBUILD.
---
 testing/psad/APKBUILD   |  12 +--
 testing/psad/psad.confd |   4 +-
 testing/psad/psad.initd | 212 ++++++------------------------------------------
 3 files changed, 31 insertions(+), 197 deletions(-)

diff --git a/testing/psad/APKBUILD b/testing/psad/APKBUILD
index dcef928..ab36581 100644
--- a/testing/psad/APKBUILD
+++ b/testing/psad/APKBUILD
@@ -76,11 +76,11 @@ package() {
 }
 
 md5sums="ee600d9b6b4b915b026370c9a3726b5f  psad-nodeps-2.2.1.tar.gz
-09628b84a98044122f0319e9d0dce193  psad.initd
-10cb8b8f6cb7b70a0277011780ead791  psad.confd"
+6e5ef9b0ddebf1a229da58b0f1918f89  psad.initd
+bc07efebb41cc23c4be129bbbacc874b  psad.confd"
 sha256sums="0422cdd1a37d4c8fcc1a4ce6e7c4a6974e58fdde82242f45b83eb6beb85708b5  psad-nodeps-2.2.1.tar.gz
-4b3848eadd775ae34103717d9c24ea772c5eec5a79efa85114b48ca9976cb626  psad.initd
-e3d5e969d8876c9862e539bb551b3271eb837ac0207e66e04f46739f0b28979c  psad.confd"
+b38a3643f0b0c9ed338f1c3f1beea6114ba5b0a8cfb60097598066aa4e415c32  psad.initd
+74c72225fa37c367a458321b737050cacaf262f32b0cc13babc54468ff1988b9  psad.confd"
 sha512sums="9e3f475376c3c7b753e71676f5c9d639e9fffd93caf864faa130f8030e37f9a6c57ba59c9519d2bd8dde945f7ff7a014ca2a710bd4b7be9721ca7f13f879b970  psad-nodeps-2.2.1.tar.gz
-5941feaf39a3766b5c5ec206c6dcbe40a98945f6fd1f7ccfe5797dd8666ef1e95c026a2cbc394de75eb7b639466d267d92ef9ae7bb54933880879dd3b71f6e48  psad.initd
-1018a37ea0200fe629fb8a18a41d2c041d4d27bf201452c919e28b651fa0b797bf4368fafe78ea786f463148412b3d79f4815f761c60b07c6652083067ed1743  psad.confd"
+01fbb402032f8cff9d2c6be3a032c5ea446d4708ca4f56addebba84bbd1b70e69e4c94b31a3af2680bbf8633f854f1ed8ef78ac746450ff1848fdbc4c90bf44a  psad.initd
+a80666f59356cc6157a9f5dca132991d4f1e0afda8f673d602de2557219d5521bec9ae148330e98d9483175d14d96e4cc2ccd11541d8b187b0e47f44ba4ada54  psad.confd"
diff --git a/testing/psad/psad.confd b/testing/psad/psad.confd
index b731cdb..27ce228 100644
--- a/testing/psad/psad.confd
+++ b/testing/psad/psad.confd
@@ -4,5 +4,5 @@
 # For example if you would like to add an override file for your setup, this
 # can be achived this way:
 #
-#     DAEMON_ARGS="--Override-config /root/psad.override.conf"
-DAEMON_ARGS=""
+#     command_args="--Override-config /root/psad.override.conf"
+command_args=""
diff --git a/testing/psad/psad.initd b/testing/psad/psad.initd
index ab2251f..3e12cf4 100644
--- a/testing/psad/psad.initd
+++ b/testing/psad/psad.initd
@@ -2,14 +2,10 @@
 
 # This file is part of PSAD (Port Scan Attack Detector)
 # Adapted for Alpine Linux by IT Offshore <developer@it-offshore.co.uk>
-# Original Author: Franck Joncourt <franck@debian.org>
 
-PATH=/sbin:/usr/sbin:/bin:/usr/bin
-DESC="Port Scan Attack Detector"
-NAME=psad
-DAEMON=/usr/sbin/$NAME
-PIDDIR=/var/run/psad
-SCRIPTNAME=/etc/init.d/psad
+command="/usr/sbin/psad"
+pidfile="/var/run/psad/psad.pid"
+config_file="/etc/psad/psad.conf"
 
 depend() {
 	need net
@@ -17,204 +13,42 @@ depend() {
 	after iptables
 }
 
-# Exit if the package is not installed
-[ -x "$DAEMON" ] || exit 0
+# allow override config_file location from conf.d
+: ${config_file:="/etc/psad/psad.conf"}
 
-# Load user options to pass to psad daemon
-DAEMON_ARGS=""
-[ -r /etc/conf.d/psad ] && . /etc/conf.d/psad
-
-# Function that checks if all of the configuration files exist
-#
-# Return
-#   0 : all of the configuration files exist
-#   6 : at least one file is missing
-
-check_config()
-{
-	local retval
-	local file_list
-
-	retval=0
-	file_list="/etc/psad/psad.conf"
-
-	for ConfFile in $file_list; do
-		if [ ! -f "$ConfFile" ]; then
-			retval=6	
-		 	break	
-		fi
-	done
-
-	return $retval
+check_config() {
+	[ -f "$config_file" ] || error "$config_file is missing"
 }
 
-#
-# Function to check if psad is running
-#
-#    0 : the psad.pid file has been found ; we assume the daemon is running
-#    1 : no pid file has been found ; we assume the daemon is not running
-#
-is_psad_running()
-{
-        local pidfile="$PIDDIR/psad.pid"
-        local retval
-
-        retval=0
-        if [ -r "$pidfile" ]; then
-                retval=1
-        fi
-
-        return $retval
+start_pre() {
+	check_config || return 1
+	# make sure dir for pidfile exists. /var/run is tmpfs...
+	checkpath --directory ${pidfile%/*}
 }
 
-#
-# Function that starts the daemon/service
-#
-#   0 : daemon has been started or was already running
-#   1 : generic or unspecified errors (could not be started)
-#   6 : program is not configured (missing configuration files)
-
-do_start()
-{
-	local retval
-
-
-        mkdir -p $PIDDIR
-        chmod 755 $PIDDIR
-
-	# Check psad configuration
-	check_config
-	retval=$?
-
-	# Try to start psad
-        is_psad_running
-        if [ "$?" = 1 ]; then
-            log_action_msg "The psad daemon is already running"
-            retval=0
-
-	elif [ "$retval"  = "0" ]; then
-		start-stop-daemon --start --quiet --pidfile $PIDDIR/$NAME --exec $DAEMON -- $DAEMON_ARGS
-		retval="$?"
-	fi
-
-	# Handle return status codes
-	case "$retval" in
-		0)	 
-			;;
-		6)	
-			log_action_msg "You are missing the configuration file $ConfFile" || true
-			;;
-		9)	
-			retval=0
-			;;
-		*)
-			retval=1
-			log_action_msg "Unable to start the daemon" || true
-			;;
-	esac
-
-	log_daemon_msg "Starting Port Scan Attack Detector" "psad" || true
-        log_end_msg $retval || true
-
-	return $retval
+start() {
+    ebegin "Starting PSAD (Port Scan Attack Detector)"
+    start-stop-daemon --start $command --pidfile $pidfile
+    eend $?
 }
 
-#
-# Function that stops the daemon/service
-#
-# The upstream author has allowed the daemon to be killed through the 
-# following command-line : psad --Kill
-#
-# As psad starts kmsgsd and psadwatchd on its own, we need to stop them before.
-#
-# Return
-#   0 : daemon has been stopped or was already stopped
-#   1 : daemon could not be stopped
-
-do_stop()
+stop()
 {
-	local retval="0"
-	local status kill_status
-	local pid pidfile
+	local pidfile
+	local piddir=/var/run/psad
 	local process_list="psadwatchd kmsgsd psad"
 
-	# For each process
+	# Stop all 3 daemons with psad stopped last as it launches the other 2
 	for process in $process_list; do
 
-		pidfile="$PIDDIR/$process.pid"
-		status="0"
-		kill_status="1"
-
-		log_action_msg "Stopping the $process process"
-
-		# Try to kill the process associated to the pid
-		if [ -r "$pidfile" ]; then
-			pid=`cat "$pidfile" 2>/dev/null`
-			kill -0 "${pid:-}" 2>/dev/null
-			kill_status="$?"
-		fi
-
-		# Stop the process
-		if [ "$kill_status" = "0" ]; then
-			start-stop-daemon --stop --oknodo --quiet --pidfile "$pidfile"
-			status="$?"
-		fi
-
-		# Remove its pid file
-		if [ -r "$pidfile" ] && [ "$status" = "0" ]; then
-			 rm -f "$pidfile" 2>/dev/null
-			 status="$?"
-		fi
-
-		[ "$status" = "0" ] || retval="1"
+		pidfile="$piddir/$process.pid"
+		einfo "Stopping the $process process"
+		start-stop-daemon --stop $process --progress --pidfile $pidfile
+		eend $?
 
 	done
-
-	if [ "$retval" != "0" ]; then
-		log_action_msg "One or more process could not be stopped" || true
-	fi
-
-        log_daemon_msg "Stopping Port Scan Attack Detector" "psad" || true
-        log_end_msg $retval || true
-
-	return $retval
 }
 
-#
-# Function that returns the daemon status
-#
-do_status()
-{
-	echo "Status of $DESC:"
-	$DAEMON --Status
-}
-
-case "$1" in
-	start)
-		do_start
-		;;
-
-	stop)
-		do_stop
-		;;
-
-	restart|force-reload)
-		do_stop
-		sleep 1
-		do_start
-		;;
-
-	status)
-		do_status
-		exit $?
-		;;
-
-	*)
-		log_success_msg "Usage: $0 {start|stop|restart|status}" >&2
-		exit 1 
-		;;
-esac
-
 exit
 
 
-- 
1.8.4.2



---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---