sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] FreeBSD init scripts

From: Phil Pennock
Subject: [Sks-devel] FreeBSD init scripts
Date: Sat, 14 Feb 2015 08:01:26 -0500 
On 2015-02-13 at 10:54 -0800, David Benfell wrote:
> On FreeBSD, we seem not to have checkpath, at least in the places
> where I looked. I have tweaked init scripts crafted by--I think--Phil
> Pennock a while ago; the FreeBSD port doesn't include them, and Phil's
> need to be updated and probably worked into something a lot more
> robust.

You should probably start with my current scripts, then; I use these in
a dedicated jail, I switched to using supervise to keep sks alive
(clang-built binary problems) and so I'm using chpst from the runit
Port.

I've not felt the need to chown existing files from my start-up scripts,
because I don't do things like rebuild databases across untrusted data
as the root user: that way lies system compromises.  I do have `recover`
available as an init-script command, though, thus `service sks-db
recover` does things as the right user.

-Phil

------------------8< cut here: /etc/sv/sks-db/run >8--------------------
#!/bin/sh
exec service sks-db onestartfg
----------------------------8< cut here >8------------------------------


------------------------8< cut here: sks-db >8--------------------------
#!/bin/sh

# PROVIDE: sks-db
# REQUIRE: DAEMON
# BEFORE: sks-recon

. /etc/rc.subr

name="sks_db"
rcvar=sks_db_enable
command="/usr/local/bin/sks"
pidfile=/var/run/sks_db.pid
start_cmd=sks_db_start_cmd
start_precmd=sks_db_start_precmd
extra_commands="recover rotate statsgen startfg"
recover_cmd=sks_db_recover_cmd
rotate_cmd=sks_db_rotate_cmd
statsgen_cmd=sks_db_statsgen_cmd
startfg_cmd=sks_db_startfg_cmd
startfg_precmd=sks_db_start_precmd

load_rc_config $name
: ${sks_db_user="sks"}
: ${sks_db_group="sks"}
: ${sks_db_chdir="/var/sks"}
: ${sks_db_limits_enable=NO}
: ${sks_db_limits_args="-U $sks_db_user"}
: ${sks_db_recover_onstart=NO}
: ${sks_db_recover_bin="db_recover-5.3"}

PATH="/usr/local/sbin:/usr/local/bin:$PATH"

as_user()
{
        /usr/local/sbin/chpst -u $sks_db_user "$@"
}

sks_db_start_precmd()
{
        if checkyesno sks_db_recover_onstart
        then
                sks_db_recover_cmd
        fi

        if checkyesno sks_db_limits_enable
        then
                eval `/usr/bin/limits -aBe ${sks_db_limits_args}` 2>/dev/null
        else
                return 0
        fi
}

sks_db__do_chdir()
{
        local d="$sks_db_chdir"
        [ ".$1" != "." ] && d="$d/$1"
        cd "$d"
        if [ $? -ne 0 ]; then
                warn "Failed to chdir to $d"
                return 1
        fi
}

# Want to be able to pkill as the sks user, based off the pidfile
sks_db__fix_pidfile()
{
        chgrp $sks_db_group "$pidfile"
        chmod g+r "$pidfile"
}

sks_db_start_cmd()
{
        echo "Starting sks db."
        sks_db__do_chdir || return 1
        # don't use as_user since daemon invokes it
        /usr/sbin/daemon -f -p "$pidfile" \
                /usr/local/sbin/chpst -u $sks_db_user \
                $command $sks_db_flags db
        sks_db__fix_pidfile
}

sks_db_startfg_cmd()
{
        echo "Starting sks db (in foreground)."
        sks_db__do_chdir || return 1
        exec /usr/local/sbin/chpst -u $sks_db_user \
                $command $sks_db_flags db
}

sks_db_recover_cmd()
{
        echo "Recovering sks dbs."
        local dir
        for dir in KDB PTree
        do
                echo " ... $dir"
                sks_db__do_chdir $dir || return 1
                as_user $sks_db_recover_bin
        done
        echo "Cleaning up old diffs"
        sks_db__do_chdir || return 1
        find . -name diff-\*.txt -maxdepth 1 -mtime +1w -execdir rm {} \;
        echo "Done."
}

sks_db_rotate_cmd()
{
        echo "Rotating logs."
        sks_db__do_chdir || return 1
        local logdir x
        logdir="OLD-Logs/$(date +%Y%m%d)"
        mkdir -p "$logdir"
        for x in *.log
        do
                echo " ... $x"
                as_user touch "$x.NEW" && \
                mv "$x" "$logdir/$x" && \
                mv "$x.NEW" "$x"
                bzip2 -9 "$logdir/$x" &
        done
        wait
}

sks_db_statsgen_cmd()
{
        if [ -f /etc/sv/sks-db/supervise/pid ]; then
                if [ -f /etc/sv/sks-db/supervise/stat ] && [ $(cat 
/etc/sv/sks-db/supervise/stat) = "run" ]; then
# this relies upon us having exec'd sks above, otherwise the pid might be the 
wrapper init script
                        rc_pid=$(cat /etc/sv/sks-db/supervise/pid)
                fi
        fi
        kill -s USR2 $rc_pid
}

required_dirs="${sks_db_chdir}/KDB"
run_rc_command "$1"
----------------------------8< cut here >8------------------------------


----------------------8< cut here: sks-recon >8-------------------------
#!/bin/sh

# PROVIDE: sks-recon
# REQUIRE: DAEMON sks-db

. /etc/rc.subr

name="sks_recon"
rcvar=sks_recon_enable
command="/usr/local/bin/sks"
pidfile=/var/run/sks_recon.pid
extra_commands="clean"
start_cmd=sks_recon_start_cmd
start_precmd=sks_recon_start_precmd
clean_cmd=sks_recon_clean_cmd

load_rc_config $name
: ${sks_recon_user="sks"}
: ${sks_recon_group="sks"}
: ${sks_recon_chdir="/var/sks"}
: ${sks_recon_limits_enable=NO}
: ${sks_recon_limits_args="-U $sks_recon_user"}

PATH="/usr/local/sbin:/usr/local/bin:$PATH"

sks_recon_start_precmd()
{
        if checkyesno sks_recon_limits_enable
        then
                eval `/usr/bin/limits -aBe ${sks_recon_limits_args}` 2>/dev/null
        else
                return 0
        fi
}

_sks_chdir()
{
        cd $sks_recon_chdir
        if [ $? -ne 0 ]; then
                warn "Failed to chdir to $sks_recon_dir"
                return 1
        fi
        return 0
}

sks_recon__fix_pidfile()
{
        chgrp $sks_recon_group "$pidfile"
        chmod g+r "$pidfile"
}

sks_recon_start_cmd()
{
        echo "Starting sks recon."
        _sks_chdir || return $?
        /usr/sbin/daemon -f -p "$pidfile" \
                /usr/local/sbin/chpst -u $sks_recon_user \
                $command $sks_recon_flags recon
        sks_recon__fix_pidfile
}

sks_recon_clean_cmd()
{
        _sks_chdir || return $?
        find . -maxdepth 1 -name 'diff-*.txt' -mtime +1w -delete
}

required_dirs="${sks_recon_chdir}/KDB"
run_rc_command "$1"
----------------------------8< cut here >8------------------------------

Attachment: signature.asc
Description: Digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]