|
version 1.25, 2005/05/26 20:25:00
|
version 1.46, 2019/06/09 02:35:41
|
|
Line 32
|
Line 32
|
| # chkconfig: 345 95 5 |
# chkconfig: 345 95 5 |
| # description: LON-CAPA is a "network of knowledge". It is used to \ |
# description: LON-CAPA is a "network of knowledge". It is used to \ |
| # distribute knowledge resources and instructional management. |
# distribute knowledge resources and instructional management. |
| # processnames: lonc, lond, lonsql |
# processnames: lonc, lond, lonsql, lonmaxima, lonr |
| # pidfiles: /home/httpd/perl/logs/lon*.pid |
# pidfiles: /home/httpd/perl/logs/lon*.pid |
| # config: /etc/httpd/conf/loncapa.conf |
# config: /etc/httpd/conf/loncapa.conf |
| # config: /home/httpd/lonTabs/hosts.tab |
# config: /home/httpd/lonTabs/hosts.tab |
| # config: /home/httpd/lonTabs/spare.tab |
# config: /home/httpd/lonTabs/spare.tab |
| |
# SuSE chkconfig/insserv info |
| |
### BEGIN INIT INFO |
| |
# Provides: loncapa |
| |
# Required-Start: SuSEfirewall2_setup mysql apache2 $network $remote_fs |
| |
# Should-Start: $ALL |
| |
# Required-Stop: |
| |
# Default-Start: 3 5 |
| |
# Default-Stop: |
| |
# Description: Starts the LON-CAPA services |
| |
### END INIT INFO |
| |
|
| |
use strict; |
| |
use lib '/home/httpd/lib/perl/'; |
| |
use LONCAPA::Configuration; |
| |
use LONCAPA::Firewall; |
| |
use Apache::lonnet; |
| |
|
| $command=$ARGV[0]; $command=~s/[^a-z]//g; |
my $command=$ARGV[0]; $command=~s/[^a-z]//g; |
| |
|
| $ENV{'PATH'}="/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin"; |
$ENV{'PATH'}="/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin"; |
| $ENV{'BASH_ENV'}=""; |
$ENV{'BASH_ENV'}=""; |
| |
|
| { # Firewall variable scoping |
|
| # Firewall code is based on the code in FC2 /etc/init.d/ntpd |
|
| my $fw_chain = 'RH-Firewall-1-INPUT'; |
|
| my $iptables = '/sbin/iptables'; |
|
| my $lond_port = 5663; |
|
| my $lonhttpd_port = 8080; |
|
| |
|
| sub firewall_open_port { |
|
| return if (! &firewall_is_active); |
|
| if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { return; } |
|
| # iptables is running with our chain |
|
| # |
|
| # We could restrict the servers allowed to attempt to communicate |
|
| # here, but the logistics of updating the /home/httpd/lonTabs/host.tab |
|
| # file are likely to be a problem |
|
| foreach my $port ($lond_port,$lonhttpd_port) { |
|
| print "Opening firewall access on port $port.\n"; |
|
| |
|
| my $firewall_command = |
|
| "$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
|
| system($firewall_command); |
|
| my $return_status = $?>>8; |
|
| if ($return_status == 1) { |
|
| # Error |
|
| print "Error opening port.\n"; |
|
| } elsif ($return_status == 2) { |
|
| # Bad command |
|
| print "Bad command error opening port. Command was\n". |
|
| " ".$firewall_command."\n"; |
|
| } |
|
| } |
|
| |
|
| } |
|
| |
|
| sub firewall_is_port_open { |
|
| # returns 1 if the firewall port is open, 0 if not. |
|
| # |
|
| # check if firewall is active or installed |
|
| return if (! &firewall_is_active); |
|
| if (`$iptables -L -n 2>/dev/null | grep "tcp dpt:$port"`) { |
|
| return 1; |
|
| } else { |
|
| return 0; |
|
| } |
|
| } |
|
| |
|
| sub firewall_is_active { |
|
| if (-e '/proc/net/ip_tables_names') { |
|
| return 1; |
|
| } else { |
|
| return 0; |
|
| } |
|
| } |
|
| |
|
| sub firewall_close_port { |
|
| return if (! &firewall_is_active); |
|
| foreach my $port ($lond_port,$lonhttpd_port) { |
|
| print "Closing firewall access on port $port.\n"; |
|
| my $firewall_command = |
|
| "$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
|
| system($firewall_command); |
|
| my $return_status = $?>>8; |
|
| if ($return_status == 1) { |
|
| # Error |
|
| print "Error closing port.\n"; |
|
| } elsif ($return_status == 2) { |
|
| # Bad command |
|
| print "Bad command error closing port. Command was\n". |
|
| " ".$firewall_command."\n"; |
|
| } |
|
| } |
|
| } |
|
| |
|
| } # End firewall variable scope |
|
| |
|
| sub stop_daemon { |
sub stop_daemon { |
| my ($daemon,$killallname)=@_; |
my ($daemon,$killallname)=@_; |
| my $pidfile="/home/httpd/perl/logs/$daemon.pid"; |
my $pidfile="/home/httpd/perl/logs/$daemon.pid"; |
|
Line 128 sub stop_daemon {
|
Line 69 sub stop_daemon {
|
| my $daemonpid=<PIDFILE>; |
my $daemonpid=<PIDFILE>; |
| chomp($daemonpid); |
chomp($daemonpid); |
| kill TERM => $daemonpid; |
kill TERM => $daemonpid; |
| sleep 2; |
my $count=0; |
| |
while ($count++ < 5 && kill(0 => $daemonpid)) { |
| |
sleep 1; |
| |
} |
| if (kill 0 => $daemonpid) { |
if (kill 0 => $daemonpid) { |
| kill KILL => $daemonpid; |
kill KILL => $daemonpid; |
| sleep 2; |
sleep 1; |
| if (kill 0 => $daemonpid) { |
if (kill 0 => $daemonpid) { |
| print("failed to kill"); |
print("failed to kill"); |
| } else { |
} else { |
|
Line 149 sub stop_daemon {
|
Line 93 sub stop_daemon {
|
| print(", killed off extraneous processes"); |
print(", killed off extraneous processes"); |
| } |
} |
| unlink($pidfile); |
unlink($pidfile); |
| |
if ($killallname eq 'loncnew') { |
| |
&clean_nossl_loncpids(); |
| |
} |
| print("\n"); |
print("\n"); |
| } |
} |
| |
|
| |
sub clean_sockets { |
| |
opendir(SOCKETS,"/home/httpd/sockets/"); |
| |
my $perlvarref=&LONCAPA::Configuration::read_conf(); |
| |
return if (ref($perlvarref) ne 'HASH'); |
| |
while (my $fname=readdir(SOCKETS)) { |
| |
next if (-d $fname |
| |
|| $fname=~/(mysqlsock|maximasock|\Q$perlvarref->{'lonSockDir'}\E)/); |
| |
unlink("/home/httpd/sockets/$fname"); |
| |
} |
| |
} |
| |
|
| |
sub clean_nossl_loncpids { |
| |
my $childpiddir = '/home/httpd/perl/logs/loncpids'; |
| |
my $nossldir = '/home/httpd/sockets/nosslverify'; |
| |
foreach my $dir ($childpiddir,$nossldir) { |
| |
if (-d $dir) { |
| |
if (opendir(my $dh,$dir)) { |
| |
while (my $fname=readdir($dh)) { |
| |
next if ($fname =~ /^\./); |
| |
unlink("$dir/$fname"); |
| |
} |
| |
closedir($dh); |
| |
} |
| |
} |
| |
} |
| |
} |
| |
|
| if (($command eq "restartold") or ($command eq "reloadold")) { |
if (($command eq "restart") || ($command eq 'stop') || |
| print 'Restarting LON-CAPA'."\n"; |
($command eq 'start') || ($command eq "status")) { |
| print 'Ending LON-CAPA client and daemon processes'."\n"; |
my $iptables = &LONCAPA::Firewall::get_pathto_iptables(); |
| foreach my $daemon ('lonsql','lond','lonc','lonhttpd','lonmemcached') { |
my @fw_chains = &LONCAPA::Firewall::get_fw_chains($iptables); |
| &stop_daemon($daemon,$daemon); |
my $lond_port = &LONCAPA::Firewall::get_lond_port(); |
| } |
my $firewalld = &LONCAPA::Firewall::uses_firewalld(); |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
my %iphost; |
| "\n"; |
if ($command eq 'restart') { |
| system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'"); |
print 'Restarting LON-CAPA'."\n"; |
| } elsif ($command eq "restart") { |
print 'Ending LON-CAPA client and daemon processes'."\n"; |
| print 'Restarting LON-CAPA'."\n"; |
foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima','lonr') { |
| print 'Ending LON-CAPA client and daemon processes'."\n"; |
my $killallname=$daemon; |
| foreach my $daemon ('lonsql','lond','lonc','lonhttpd','lonmemcached') { |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
| my $killallname=$daemon; |
&stop_daemon($daemon,$killallname); |
| if ($daemon eq 'lonc') { $killallname='loncnew'; } |
} |
| &stop_daemon($daemon,$killallname); |
%iphost = &Apache::lonnet::get_iphost('',1); |
| } |
my $firewall_result = |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
&LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains, |
| "\n"; |
$lond_port,\%iphost,[$lond_port], |
| system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
$firewalld); |
| } elsif ($command eq "stop") { |
if ($firewall_result) { |
| print 'Stopping LON-CAPA'."\n"; |
print "$firewall_result\n"; |
| foreach my $daemon ('lonsql','lond','lonc','lonhttpd','lonmemcached') { |
} |
| my $killallname=$daemon; |
$firewall_result = |
| if ($daemon eq 'lonc') { $killallname='loncnew'; } |
&LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains, |
| &stop_daemon($daemon,$killallname); |
$lond_port,\%iphost,[$lond_port], |
| } |
$firewalld); |
| &firewall_close_port(); |
if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) { |
| } elsif ($command eq "startold") { |
if ($firewall_result eq 'inactive firewall') { |
| &firewall_open_port(); |
print "WARNING: iptables firewall is currently inactive\n"; |
| print 'Starting LON-CAPA'."\n"; |
} |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
} elsif ($firewall_result) { |
| "\n"; |
print "$firewall_result\n"; |
| system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'"); |
} |
| } elsif ($command eq "start") { |
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
| &firewall_open_port(); |
"\n"; |
| print 'Starting LON-CAPA'."\n"; |
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
| print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
} elsif ($command eq 'stop') { |
| "\n"; |
print 'Stopping LON-CAPA'."\n"; |
| system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima','lonr') { |
| |
my $killallname=$daemon; |
| |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
| |
&stop_daemon($daemon,$killallname); |
| |
} |
| |
my $firewall_result = |
| |
&LONCAPA::Firewall::firewall_close_port($iptables,\@fw_chains, |
| |
$lond_port,\%iphost,[$lond_port], |
| |
$firewalld); |
| |
if ($firewall_result) { |
| |
print "$firewall_result\n"; |
| |
} |
| |
&clean_sockets(); |
| |
} elsif ($command eq "start") { |
| |
%iphost = &Apache::lonnet::get_iphost('',1); |
| |
my $firewall_result = |
| |
&LONCAPA::Firewall::firewall_open_port($iptables,\@fw_chains, |
| |
$lond_port,\%iphost,[$lond_port], |
| |
$firewalld); |
| |
if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) { |
| |
if ($firewall_result eq 'inactive firewall') { |
| |
print "WARNING: iptables firewall is currently inactive\n"; |
| |
} |
| |
print 'Starting LON-CAPA'."\n"; |
| |
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
| |
"\n"; |
| |
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
| |
} else { |
| |
print "Not starting LON-CAPA\n"; |
| |
if ($firewall_result eq 'port number unknown') { |
| |
print "Could not check for status of LON-CAPA port in running firewall - port number unknown. \n"; |
| |
} elsif ($firewall_result) { |
| |
print "$firewall_result\n"; |
| |
} |
| |
} |
| |
} elsif ($command eq "status") { |
| |
%iphost = &Apache::lonnet::get_iphost(); |
| |
my $response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`; |
| |
if ($response=~/No such file or directory/) { |
| |
print 'LON-CAPA is not running.'."\n"; |
| |
} else { |
| |
print 'LON-CAPA is running.'."\n"; |
| |
system("su www -c '/home/httpd/perl/loncron --justcheckconnections'"); |
| |
} |
| |
if (! &LONCAPA::Firewall::firewall_is_active()) { |
| |
print 'The iptables firewall is not active'."\n"; |
| |
} |
| |
if ($lond_port) { |
| |
my $londopen; |
| |
foreach my $fw_chain (@fw_chains) { |
| |
my $numopen = &LONCAPA::Firewall::firewall_is_port_open($iptables,$fw_chain,$lond_port,$lond_port,\%iphost,$firewalld); |
| |
$londopen += $numopen; |
| |
} |
| |
if ($londopen) { |
| |
print "The LON-CAPA port ($lond_port) is open in firewall.\n"; |
| |
} elsif (&LONCAPA::Firewall::firewall_is_active()) { |
| |
print "The LON-CAPA port ($lond_port) is NOT open in running firewall!\n"; |
| |
} |
| |
} else { |
| |
if (&LONCAPA::Firewall::firewall_is_active()) { |
| |
print "Could not check for status of LON-CAPA port in running firewall - port number unknown.\n"; |
| |
} else { |
| |
print "LON-CAPA port number is unknown, and firewall is not running.\n"; |
| |
} |
| |
} |
| |
} |
| } elsif ($command eq "reload") { |
} elsif ($command eq "reload") { |
| print 'Reload LON-CAPA config files'."\n"; |
print 'Reload LON-CAPA config files'."\n"; |
| system("su www -c '/home/httpd/perl/loncron --justreload'"); |
system("su www -c '/home/httpd/perl/loncron --justreload'"); |
| } elsif ($command eq "status") { |
|
| $response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`; |
|
| if ($response=~/No such file or directory/) { |
|
| print 'LON-CAPA is not running.'."\n"; |
|
| } else { |
|
| print 'LON-CAPA is running.'."\n"; |
|
| system("su www -c '/home/httpd/perl/loncron --justcheckconnections'"); |
|
| } |
|
| if (! &firewall_is_active) { |
|
| print 'The iptables firewall is not active'."\n"; |
|
| } |
|
| if (&firewall_is_port_open()) { |
|
| print 'The LON-CAPA port is open in firewall.'."\n"; |
|
| } elsif (&firewall_is_active) { |
|
| print 'The LON-CAPA port is NOT open in running firewall!'."\n"; |
|
| } |
|
| } else { |
} else { |
| print 'You need to specify one of restart|stop|start|status on the command line.'."\n"; |
print "You need to specify one of reload|restart|stop|start|status on the command line.\n"; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to loncontrol CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / init.d