diff options
| author | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-09-25 00:55:39 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem.moulin@fripost.org> | 2012-09-25 00:55:39 +0200 |
| commit | 7672946edb73d485e5eb0ffd75964f2cea2caaa0 (patch) | |
| tree | 76d64779110b3f94dd54112d932c0e0f51e98363 | |
| parent | c5abfa216d18d374e493fd309a1f4748af094e50 (diff) | |
A script to start/stop the web panel and ask automatically renew the kerberos ticket.
| -rwxr-xr-x | bin/fripost-panel | 54 | ||||
| -rwxr-xr-x | bin/ldap-krb5 | 25 |
2 files changed, 79 insertions, 0 deletions
diff --git a/bin/fripost-panel b/bin/fripost-panel new file mode 100755 index 0000000..0046a4d --- /dev/null +++ b/bin/fripost-panel @@ -0,0 +1,54 @@ +#!/bin/sh + +# Start/stop/restart the web panel +# +# Also, keep renewing/recreating kerberos tickets for the web +# application. + +PANEL_DIR=/opt/fripost-panel +SOCKET_DIR=/var/run/fcgi +USER=www-data +PRINCIPAL=AdminWebPanel/fripost.org@FRIPOST.ORG +KEYTAB=/etc/fripost-panel/keytab +CGI=./cgi-bin/index.fcgi + +if [ $(id -u) -ne 0 ]; then + echo "Error: You are not root" + exit 1 +fi + +KSTART="k5start -b -f ${KEYTAB} -S ldap -I $(hostname --fqdn) -u ${PRINCIPAL} -q -K 60" + +start () { + test -x "${PANEL_DIR}/cgi-bin/index.fcgi" || exit 0 + + pgrep -U "${USER}" -G "${USER}" -fx "/usr/bin/perl ${CGI}" >/dev/null && return 0 + pgrep -U "${USER}" -G "${USER}" -fx "${KSTART}" >/dev/null || sudo -u "${USER}" ${KSTART} || exit 1 + + export FCGI_SOCKET_PATH="${SOCKET_DIR}/fripost-panel.socket" + export FCGI_LISTEN_QUEUE=128 + start-stop-daemon --start --background \ + --chuid "${USER}:${USER}" \ + -d "${PANEL_DIR}" \ + -m -p "${SOCKET_DIR}/fripost-panel.pid" \ + --exec ${CGI} +} + +stop () { + pkill -U "${USER}" -G "${USER}" -fx "${KSTART}" || exit 1 + start-stop-daemon --stop -u "${USER}" \ + --chuid "${USER}:${USER}" \ + -p "${SOCKET_DIR}/fripost-panel.pid" \ + --retry=TERM/5/KILL/1 +} + +cd "${PANEL_DIR}" || exit 1 +case "${1}" in + start) start ;; + stop) stop ;; + restart) stop && start ;; + *) + echo "Usage: $0 {start|stop|restart}" >&2 + exit 1 + ;; +esac diff --git a/bin/ldap-krb5 b/bin/ldap-krb5 new file mode 100755 index 0000000..368db8e --- /dev/null +++ b/bin/ldap-krb5 @@ -0,0 +1,25 @@ +#!/bin/sh + +# Keep renewing/recreating kerberos tickets for ldap/hostname + +if [ $(id -u) -ne 0 ]; then + echo "Error: You are not root" + exit 1 +fi + +. /etc/default/slapd +KSTART="k5start -b -f ${KRB5_KTNAME} -u ldap -i $(hostname --fqdn) -q -K 60" +case "${1}" in + start) + pgrep -U "${SLAPD_USER}" -G "${SLAPD_GROUP}" -fx "${KSTART}" >/dev/null \ + || sudo -u "${SLAPD_USER}" ${KSTART} \ + || exit 1 + ;; + stop) + pkill -U "${SLAPD_USER}" -G "${SLAPD_GROUP}" -fx "${KSTART}" >/dev/null \ + ;; + *) + echo "Usage: $0 {start|stop}" >&2 + exit 1 + ;; +esac |