|
version 1.23, 2004/12/20 14:28:56
|
version 1.34.2.1, 2010/01/13 19:26:54
|
|
Line 32
|
Line 32
|
| # chkconfig: 345 95 5 |
# chkconfig: 345 95 5 |
| # description: LON-CAPA is a "network of knowledge". It is used to \ |
# description: LON-CAPA is a "network of knowledge". It is used to \ |
| # distribute knowledge resources and instructional management. |
# distribute knowledge resources and instructional management. |
| # processnames: lonc, lond, lonsql |
# processnames: lonc, lond, lonsql, lonmaxima |
| # pidfiles: /home/httpd/perl/logs/lon*.pid |
# pidfiles: /home/httpd/perl/logs/lon*.pid |
| # config: /etc/httpd/conf/loncapa.conf |
# config: /etc/httpd/conf/loncapa.conf |
| # config: /home/httpd/lonTabs/hosts.tab |
# config: /home/httpd/lonTabs/hosts.tab |
| # config: /home/httpd/lonTabs/spare.tab |
# config: /home/httpd/lonTabs/spare.tab |
| |
# SuSE chkconfig/insserv info |
| |
### BEGIN INIT INFO |
| |
# Provides: loncapa |
| |
# Required-Start: mysql apache2 $network $remote_fs |
| |
# Required-Stop: |
| |
# Default-Start: 3 4 5 |
| |
# Default-Stop: |
| |
# Description: Starts the LON-CAPA services |
| |
### END INIT INFO |
| |
|
| |
use strict; |
| |
use lib '/home/httpd/lib/perl/'; |
| |
use LONCAPA::Configuration; |
| |
|
| $command=$ARGV[0]; $command=~s/[^a-z]//g; |
my $command=$ARGV[0]; $command=~s/[^a-z]//g; |
| |
|
| $ENV{'PATH'}="/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin"; |
$ENV{'PATH'}="/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin"; |
| $ENV{'BASH_ENV'}=""; |
$ENV{'BASH_ENV'}=""; |
|
Line 47 $ENV{'BASH_ENV'}="";
|
Line 60 $ENV{'BASH_ENV'}="";
|
| # Firewall code is based on the code in FC2 /etc/init.d/ntpd |
# Firewall code is based on the code in FC2 /etc/init.d/ntpd |
| my $fw_chain = 'RH-Firewall-1-INPUT'; |
my $fw_chain = 'RH-Firewall-1-INPUT'; |
| my $iptables = '/sbin/iptables'; |
my $iptables = '/sbin/iptables'; |
| my $lond_port = 5663; |
if (! -e $iptables) { |
| my $lonhttpd_port = 8080; |
$iptables = '/usr/sbin/iptables'; |
| |
if (!-e $iptables) { |
| |
print("Unable to find iptables command\n"); |
| |
} |
| |
} |
| |
my $suse_config = "/etc/sysconfig/SuSEfirewall2"; |
| |
if (-e $suse_config) { |
| |
$fw_chain = 'input_ext'; |
| |
} else { |
| |
if (!-e '/etc/sysconfig/iptables') { |
| |
print("Unable to find iptables file containing static definitions\n"); |
| |
} |
| |
} |
| |
if (-e $iptables) { |
| |
my $count = `$iptables -L -n 2>/dev/null |grep $fw_chain |wc -l`; |
| |
chomp($count); |
| |
if (!$count) { |
| |
$fw_chain ='INPUT'; |
| |
} |
| |
} |
| |
my $lond_port = &get_lond_port(); |
| |
if (!$lond_port) { |
| |
print("Unable to determine lond port number from LON-CAPA configuration.\n"); |
| |
} |
| |
|
| sub firewall_open_port { |
sub firewall_open_port { |
| return if (! &firewall_is_active); |
return 'inactive firewall' if (! &firewall_is_active); |
| if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { return; } |
return 'port number unknown' if !$lond_port; |
| # iptables is running with our chain |
my @opened; |
| # |
my $suse_config = "/etc/sysconfig/SuSEfirewall2"; |
| # We could restrict the servers allowed to attempt to communicate |
if (-e $suse_config) { |
| # here, but the logistics of updating the /home/httpd/lonTabs/host.tab |
if (open(my $fh,"<$suse_config")) { |
| # file are likely to be a problem |
while(<$fh>) { |
| foreach my $port ($lond_port,$lonhttpd_port) { |
chomp(); |
| print "Opening firewall access on port $port.\n"; |
if (/^FW_SERVICES_EXT_TCP="([^"]+)"\s*$/) { |
| |
my $portstr = $1; |
| my $firewall_command = |
my @suseports = split(/\s+/,$portstr); |
| "$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
foreach my $port ($lond_port) { |
| system($firewall_command); |
if (grep/^\Q$port\E$/,@suseports) { |
| my $return_status = $?>>8; |
push(@opened,$port); |
| if ($return_status == 1) { |
} |
| # Error |
} |
| print "Error opening port.\n"; |
} |
| } elsif ($return_status == 2) { |
} |
| # Bad command |
} |
| print "Bad command error opening port. Command was\n". |
} else { |
| " ".$firewall_command."\n"; |
if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { |
| |
return 'chain error'; |
| |
} |
| |
# iptables is running with our chain |
| |
# |
| |
# We could restrict the servers allowed to attempt to communicate |
| |
# here, but the logistics of updating the /home/httpd/lonTabs/host.tab |
| |
# file are likely to be a problem |
| |
foreach my $port ($lond_port) { |
| |
print "Opening firewall access on port $port.\n"; |
| |
my $result; |
| |
my $firewall_command = |
| |
"$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
| |
system($firewall_command); |
| |
my $return_status = $?>>8; |
| |
if ($return_status == 1) { |
| |
# Error |
| |
print "Error opening port.\n"; |
| |
} elsif ($return_status == 2) { |
| |
# Bad command |
| |
print "Bad command error opening port. Command was\n". |
| |
" ".$firewall_command."\n"; |
| |
} elsif ($return_status == 0) { |
| |
push(@opened,$port); |
| |
} |
| } |
} |
| } |
} |
| |
foreach my $port ($lond_port) { |
| |
if (!grep(/^\Q$port\E$/,@opened)) { |
| |
return 'Required port not open: '.$port."\n"; |
| |
} |
| |
} |
| |
return 'ok'; |
| } |
} |
| |
|
| sub firewall_is_port_open { |
sub firewall_is_port_open { |
| |
my ($port) = @_; |
| # returns 1 if the firewall port is open, 0 if not. |
# returns 1 if the firewall port is open, 0 if not. |
| # |
# |
| # check if firewall is active or installed |
# check if firewall is active or installed |
|
Line 98 sub firewall_is_active {
|
Line 164 sub firewall_is_active {
|
| } |
} |
| |
|
| sub firewall_close_port { |
sub firewall_close_port { |
| return if (! &firewall_is_active); |
return 'inactive firewall' if (! &firewall_is_active); |
| foreach my $port ($lond_port,$lonhttpd_port) { |
return 'port number unknown' if !$lond_port; |
| print "Closing firewall access on port $port.\n"; |
my $suse_config = "/etc/sysconfig/SuSEfirewall2"; |
| |
return if (-e $suse_config); |
| |
foreach my $port ($lond_port) { |
| |
print "Closing firewall access on port $port\n"; |
| my $firewall_command = |
my $firewall_command = |
| "$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
"$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
| system($firewall_command); |
system($firewall_command); |
|
Line 112 sub firewall_close_port {
|
Line 181 sub firewall_close_port {
|
| # Bad command |
# Bad command |
| print "Bad command error closing port. Command was\n". |
print "Bad command error closing port. Command was\n". |
| " ".$firewall_command."\n"; |
" ".$firewall_command."\n"; |
| |
} else { |
| |
print "Port closed.\n"; |
| |
} |
| |
} |
| |
return; |
| |
} |
| |
|
| |
sub get_lond_port { |
| |
my $perlvarref=&LONCAPA::Configuration::read_conf(); |
| |
my $lond_port; |
| |
if (ref($perlvarref) eq 'HASH') { |
| |
if (defined($perlvarref->{'londPort'})) { |
| |
$lond_port = $perlvarref->{'londPort'}; |
| } |
} |
| } |
} |
| |
return $lond_port; |
| } |
} |
| |
|
| } # End firewall variable scope |
} # End firewall variable scope |
|
Line 122 sub stop_daemon {
|
Line 205 sub stop_daemon {
|
| my ($daemon,$killallname)=@_; |
my ($daemon,$killallname)=@_; |
| my $pidfile="/home/httpd/perl/logs/$daemon.pid"; |
my $pidfile="/home/httpd/perl/logs/$daemon.pid"; |
| |
|
| printf("%-10s ",$daemon); |
printf("%-15s ",$daemon); |
| if (-e $pidfile) { |
if (-e $pidfile) { |
| open(PIDFILE,$pidfile); |
open(PIDFILE,$pidfile); |
| my $daemonpid=<PIDFILE>; |
my $daemonpid=<PIDFILE>; |
| chomp($daemonpid); |
chomp($daemonpid); |
| kill TERM => $daemonpid; |
kill TERM => $daemonpid; |
| sleep 2; |
my $count=0; |
| |
while ($count++ < 5 && kill(0 => $daemonpid)) { |
| |
sleep 1; |
| |
} |
| if (kill 0 => $daemonpid) { |
if (kill 0 => $daemonpid) { |
| kill KILL => $daemonpid; |
kill KILL => $daemonpid; |
| sleep 2; |
sleep 1; |
| if (kill 0 => $daemonpid) { |
if (kill 0 => $daemonpid) { |
| print("failed to kill"); |
print("failed to kill"); |
| } else { |
} else { |
|
Line 148 sub stop_daemon {
|
Line 234 sub stop_daemon {
|
| system("killall -q $killallname"); |
system("killall -q $killallname"); |
| print(", killed off extraneous processes"); |
print(", killed off extraneous processes"); |
| } |
} |
| |
unlink($pidfile); |
| print("\n"); |
print("\n"); |
| } |
} |
| |
|
| |
sub clean_sockets { |
| if (($command eq "restartold") or ($command eq "reloadold")) { |
opendir(SOCKETS,"/home/httpd/sockets/"); |
| print 'Restarting LON-CAPA'."\n"; |
my $perlvarref=&LONCAPA::Configuration::read_conf(); |
| print 'Ending LON-CAPA client and daemon processes'."\n"; |
return if (ref($perlvarref) ne 'HASH'); |
| foreach my $daemon ('lonsql','lond','lonc','lonhttpd') { |
while (my $fname=readdir(SOCKETS)) { |
| &stop_daemon($daemon,$daemon); |
next if (-d $fname |
| |
|| $fname=~/(mysqlsock|maximasock|\Q$perlvarref->{'lonSockDir'}\E)/); |
| |
unlink("/home/httpd/sockets/$fname"); |
| } |
} |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
} |
| "\n"; |
|
| system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'"); |
if ($command eq "restart") { |
| } elsif (($command eq "restart") or ($command eq "reload")) { |
|
| print 'Restarting LON-CAPA'."\n"; |
print 'Restarting LON-CAPA'."\n"; |
| print 'Ending LON-CAPA client and daemon processes'."\n"; |
print 'Ending LON-CAPA client and daemon processes'."\n"; |
| foreach my $daemon ('lonsql','lond','lonc','lonhttpd') { |
foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima') { |
| my $killallname=$daemon; |
my $killallname=$daemon; |
| if ($daemon eq 'lonc') { $killallname='loncnew'; } |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
| &stop_daemon($daemon,$killallname); |
&stop_daemon($daemon,$killallname); |
|
Line 174 if (($command eq "restartold") or ($comm
|
Line 262 if (($command eq "restartold") or ($comm
|
| system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
| } elsif ($command eq "stop") { |
} elsif ($command eq "stop") { |
| print 'Stopping LON-CAPA'."\n"; |
print 'Stopping LON-CAPA'."\n"; |
| foreach my $daemon ('lonsql','lond','lonc','lonhttpd') { |
foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima') { |
| my $killallname=$daemon; |
my $killallname=$daemon; |
| if ($daemon eq 'lonc') { $killallname='loncnew'; } |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
| &stop_daemon($daemon,$killallname); |
&stop_daemon($daemon,$killallname); |
| } |
} |
| &firewall_close_port(); |
my $firewall_result = &firewall_close_port(); |
| } elsif ($command eq "startold") { |
if ($firewall_result) { |
| &firewall_open_port(); |
print "$firewall_result\n"; |
| print 'Starting LON-CAPA'."\n"; |
} |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
&clean_sockets(); |
| "\n"; |
|
| system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'"); |
|
| } elsif ($command eq "start") { |
} elsif ($command eq "start") { |
| &firewall_open_port(); |
my $firewall_result = &firewall_open_port(); |
| print 'Starting LON-CAPA'."\n"; |
if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) { |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
if ($firewall_result eq 'inactive firewall') { |
| "\n"; |
print "WARNING: iptables firewall is currently inactive\n"; |
| system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
} |
| |
print 'Starting LON-CAPA'."\n"; |
| |
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
| |
"\n"; |
| |
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
| |
} else { |
| |
print "Not starting LON-CAPA\n"; |
| |
if ($firewall_result eq 'port number unknown') { |
| |
print "Could not check for status of LON-CAPA port in running firewall - port number unknown. \n"; |
| |
} elsif ($firewall_result) { |
| |
print "$firewall_result\n"; |
| |
} |
| |
} |
| |
} elsif ($command eq "reload") { |
| |
print 'Reload LON-CAPA config files'."\n"; |
| |
system("su www -c '/home/httpd/perl/loncron --justreload'"); |
| } elsif ($command eq "status") { |
} elsif ($command eq "status") { |
| $response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`; |
my $lond_port = &get_lond_port(); |
| |
my $response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`; |
| if ($response=~/No such file or directory/) { |
if ($response=~/No such file or directory/) { |
| print 'LON-CAPA is not running.'."\n"; |
print 'LON-CAPA is not running.'."\n"; |
| } else { |
} else { |
|
Line 203 if (($command eq "restartold") or ($comm
|
Line 305 if (($command eq "restartold") or ($comm
|
| if (! &firewall_is_active) { |
if (! &firewall_is_active) { |
| print 'The iptables firewall is not active'."\n"; |
print 'The iptables firewall is not active'."\n"; |
| } |
} |
| if (&firewall_is_port_open()) { |
my $lond_port = &get_lond_port(); |
| print 'The LON-CAPA port is open in firewall.'."\n"; |
if ($lond_port) { |
| } elsif (&firewall_is_active) { |
if (&firewall_is_port_open($lond_port)) { |
| print 'The LON-CAPA port is NOT open in running firewall!'."\n"; |
print "The LON-CAPA port ($lond_port) is open in firewall.\n"; |
| |
} elsif (&firewall_is_active) { |
| |
print "The LON-CAPA port ($lond_port) is NOT open in running firewall!\n"; |
| |
} |
| |
} else { |
| |
if (&firewall_is_active) { |
| |
print "Could not check for status of LON-CAPA port in running firewall - port number unknown.\n"; |
| |
} else { |
| |
print "LON-CAPA port number is unknown, and firewall is not running.\n"; |
| |
} |
| } |
} |
| } else { |
} else { |
| print 'You need to specify one of restart|stop|start|status on the command line.'."\n"; |
print "You need to specify one of restart|stop|start|status on the command line.\n"; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to loncontrol CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / init.d