#!/bin/bash # # kbrbserver.init Start and stop the Kerberos 5 servers. # # chkconfig: 2345 35 65 # description: Kerberos 5 is a trusted third-party authentication system. \ # This script starts and stops the servers that Kerberos IV and 5 \ # clients need to connect to. # processname: krb5kdc # processname: kadmind # processname: krb524d # # Get config. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 # Source function library. . /etc/rc.d/init.d/functions RETVAL=0 KRB5KDC="Kerberos 5 KDC" KADMIND="Kerberos 5 Admin Server" KRB524D="Kerberos 5-to-4 Server" # Sheel functions to cut down on useless shell instances. start() { if [ ! -f /etc/kerberos/krb5kdc/principal ] ; then exit 0 else if [ ! -f /etc/kerberos/krb5kdc/kadm5.keytab ] ; then gprintf "Extracting kadm5 Service Keys: \n" /usr/sbin/kadmin.local -q "ktadd -k /etc/kerberos/krb5kdc/kadm5.keytab kadmin/admin kadmin/changepw" && success || fail echo fi fi gprintf "Starting %s: " "$KRB5KDC" daemon /usr/sbin/krb5kdc echo RET1=$? gprintf "Starting %s: " "$KADMIND" daemon /usr/sbin/kadmind echo RET2=$? if [ -x /usr/sbin/krb524d ]; then gprintf "Starting %s: " "$KRB524D" daemon /usr/sbin/krb524d -m echo fi if [ "$RET1" -eq "0" -a "$RET2" -eq "0" ]; then touch /var/lock/subsys/krb5server return 0 else return 1 fi } stop() { if [ -x /usr/sbin/krb524d ]; then gprintf "Stopping %s: " "$KRB524D" killproc krb524d RET1=$? echo else RET1=0 fi gprintf "Stopping %s: " "$KADMIND" killproc kadmind RET2=$? echo gprintf "Stopping %s: " "$KRB5KDC" killproc krb5kdc RET3=$? echo if [ "$RET1" -eq "0" -a "$RET2" -eq "0" -a "$RET3" -eq "0" ]; then rm -f /var/lock/subsys/krb5server return 0 else return 1 fi } # See how we were called. case "$1" in start) start RETVAL=$? ;; stop) stop RETVAL=$? ;; restart|reload) stop start RETVAL=$? ;; status) status krb5kdc RET1=$? status kadmind RET2=$? status krb524d RET3=$? RETVAL=$[$RET1|$RET2|$RET3] ;; condrestart) if [ -f /var/lock/subsys/krb5server ] ; then stop start RETVAL=$? fi ;; *) gprintf "Usage: krb5server {start|stop|status|restart|reload|condrestart}\n" exit 1 ;; esac exit $RETLEVEL