#!/bin/bash # # kadmind Start and stop the Kerberos 5 administrative server. # # chkconfig: 345 35 65 # description: Kerberos 5 is a trusted third-party authentication system. \ # This script starts and stops the Kerberos 5 administrative \ # server, which should only be run on the master server for a \ # realm. # processname: kadmind # ### BEGIN INIT INFO # Provides: kadmind # Required-Start: $network # Required-Stop: $network # Default-Start: 3 4 5 # Short-Description: Kerberos 5 administrative server # Description: This daemon runs on the master server and is used to \ # administer principals accounts. ### END INIT INFO # Get config. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 # Source function library. . /etc/init.d/functions prog="Kerberos 5 Admin Server" kadmind=/usr/sbin/kadmind RETVAL=0 exist_database() { if grep -qE \ "^[[:blank:]]*db_library[[:blank:]]*=[[:blank:]]*kldap$" \ /etc/krb5.conf; then return 0 fi if [ ! -f /etc/kerberos/krb5kdc/principal ] ; then return 1 else return 0 fi } # Sheel functions to cut down on useless shell instances. start() { if ! exist_database; then gprintf "Warning, no kerberos database initialized, exiting.\n" return 1 fi if [ -f /etc/kerberos/krb5kdc/kpropd.acl ] ; then echo "Error. This appears to be a slave server, found kpropd.acl" exit 0 else if [ ! -f /etc/kerberos/krb5kdc/kadm5.keytab ] ; then echo -n $"Extracting kadm5 Service Keys: " /usr/sbin/kadmin.local -q "ktadd -k /etc/kerberos/krb5kdc/kadm5.keytab kadmin/admin kadmin/changepw" && success || failure echo fi fi echo -n $"Starting $prog: " daemon ${kadmind} RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/kadmin return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc ${kadmind} RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/kadmin return $RETVAL } reload() { echo -n $"Reopening $prog log file: " killproc ${kadmind} -HUP RETVAL=$? echo return $RETVAL } # See how we were called. case "$1" in start) start RETVAL=$? ;; stop) stop RETVAL=$? ;; restart) stop start RETVAL=$? ;; status) status ${kadmind} RETVAL=$? ;; reload) reload RETVAL=$? ;; condrestart) if [ -f /var/lock/subsys/kadmin ] ; then stop start RETVAL=$? fi ;; *) echo $"Usage: $0 {start|stop|status|condrestart|reload|restart}" RETVAL=1 ;; esac exit $RETVAL