version 1.26, 2005/06/13 19:54:28
|
version 1.34, 2009/02/02 17:06:55
|
Line 32
|
Line 32
|
# chkconfig: 345 95 5 |
# chkconfig: 345 95 5 |
# description: LON-CAPA is a "network of knowledge". It is used to \ |
# description: LON-CAPA is a "network of knowledge". It is used to \ |
# distribute knowledge resources and instructional management. |
# distribute knowledge resources and instructional management. |
# processnames: lonc, lond, lonsql |
# processnames: lonc, lond, lonsql, lonmaxima |
# pidfiles: /home/httpd/perl/logs/lon*.pid |
# pidfiles: /home/httpd/perl/logs/lon*.pid |
# config: /etc/httpd/conf/loncapa.conf |
# config: /etc/httpd/conf/loncapa.conf |
# config: /home/httpd/lonTabs/hosts.tab |
# config: /home/httpd/lonTabs/hosts.tab |
# config: /home/httpd/lonTabs/spare.tab |
# config: /home/httpd/lonTabs/spare.tab |
|
# SuSE chkconfig/insserv info |
|
### BEGIN INIT INFO |
|
# Provides: loncapa |
|
# Required-Start: mysql apache2 $network $remote_fs |
|
# Required-Stop: |
|
# Default-Start: 3 4 5 |
|
# Default-Stop: |
|
# Description: Starts the LON-CAPA services |
|
### END INIT INFO |
|
|
|
use strict; |
|
use lib '/home/httpd/lib/perl/'; |
|
use LONCAPA::Configuration; |
|
|
$command=$ARGV[0]; $command=~s/[^a-z]//g; |
my $command=$ARGV[0]; $command=~s/[^a-z]//g; |
|
|
$ENV{'PATH'}="/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin"; |
$ENV{'PATH'}="/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/root/bin"; |
$ENV{'BASH_ENV'}=""; |
$ENV{'BASH_ENV'}=""; |
Line 47 $ENV{'BASH_ENV'}="";
|
Line 60 $ENV{'BASH_ENV'}="";
|
# Firewall code is based on the code in FC2 /etc/init.d/ntpd |
# Firewall code is based on the code in FC2 /etc/init.d/ntpd |
my $fw_chain = 'RH-Firewall-1-INPUT'; |
my $fw_chain = 'RH-Firewall-1-INPUT'; |
my $iptables = '/sbin/iptables'; |
my $iptables = '/sbin/iptables'; |
my $lond_port = 5663; |
if (! -e $iptables) { |
my $lonhttpd_port = 8080; |
$iptables = '/usr/sbin/iptables'; |
|
if (!-e $iptables) { |
|
print("Unable to find iptables command\n"); |
|
} |
|
} |
|
my $suse_config = "/etc/sysconfig/SuSEfirewall2"; |
|
if (!-e $suse_config) { |
|
if (!-e '/etc/sysconfig/iptables') { |
|
print("Unable to find iptables file containing static definitions\n"); |
|
} |
|
} |
|
my $lond_port = &get_lond_port(); |
|
if (!$lond_port) { |
|
print("Unable to determine lond port number from LON-CAPA configuration.\n"); |
|
} |
|
|
sub firewall_open_port { |
sub firewall_open_port { |
return if (! &firewall_is_active); |
return 'inactive firewall' if (! &firewall_is_active); |
if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { return; } |
return 'port number unknown' if !$lond_port; |
# iptables is running with our chain |
my @opened; |
# |
my $suse_config = "/etc/sysconfig/SuSEfirewall2"; |
# We could restrict the servers allowed to attempt to communicate |
if (-e $suse_config) { |
# here, but the logistics of updating the /home/httpd/lonTabs/host.tab |
if (open(my $fh,"<$suse_config")) { |
# file are likely to be a problem |
while(<$fh>) { |
foreach my $port ($lond_port,$lonhttpd_port) { |
chomp(); |
print "Opening firewall access on port $port.\n"; |
if (/^FW_SERVICES_EXT_TCP="([^"]+)"\s*$/) { |
|
my $portstr = $1; |
my $firewall_command = |
my @suseports = split(/\s+/,$portstr); |
"$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
foreach my $port ($lond_port) { |
system($firewall_command); |
if (grep/^\Q$port\E$/,@suseports) { |
my $return_status = $?>>8; |
push(@opened,$port); |
if ($return_status == 1) { |
} |
# Error |
} |
print "Error opening port.\n"; |
} |
} elsif ($return_status == 2) { |
} |
# Bad command |
} |
print "Bad command error opening port. Command was\n". |
} else { |
" ".$firewall_command."\n"; |
if (! `$iptables -L -n 2>/dev/null | grep $fw_chain | wc -l`) { |
|
return 'chain error'; |
|
} |
|
# iptables is running with our chain |
|
# |
|
# We could restrict the servers allowed to attempt to communicate |
|
# here, but the logistics of updating the /home/httpd/lonTabs/host.tab |
|
# file are likely to be a problem |
|
foreach my $port ($lond_port) { |
|
print "Opening firewall access on port $port.\n"; |
|
my $result; |
|
my $firewall_command = |
|
"$iptables -I $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
|
system($firewall_command); |
|
my $return_status = $?>>8; |
|
if ($return_status == 1) { |
|
# Error |
|
print "Error opening port.\n"; |
|
} elsif ($return_status == 2) { |
|
# Bad command |
|
print "Bad command error opening port. Command was\n". |
|
" ".$firewall_command."\n"; |
|
} elsif ($return_status == 0) { |
|
push(@opened,$port); |
|
} |
} |
} |
} |
} |
|
foreach my $port ($lond_port) { |
|
if (!grep(/^\Q$port\E$/,@opened)) { |
|
return 'Required port not open: '.$port."\n"; |
|
} |
|
} |
|
return 'ok'; |
} |
} |
|
|
sub firewall_is_port_open { |
sub firewall_is_port_open { |
|
my ($port) = @_; |
# returns 1 if the firewall port is open, 0 if not. |
# returns 1 if the firewall port is open, 0 if not. |
# |
# |
# check if firewall is active or installed |
# check if firewall is active or installed |
Line 98 sub firewall_is_active {
|
Line 155 sub firewall_is_active {
|
} |
} |
|
|
sub firewall_close_port { |
sub firewall_close_port { |
return if (! &firewall_is_active); |
return 'inactive firewall' if (! &firewall_is_active); |
foreach my $port ($lond_port,$lonhttpd_port) { |
return 'port number unknown' if !$lond_port; |
print "Closing firewall access on port $port.\n"; |
my $suse_config = "/etc/sysconfig/SuSEfirewall2"; |
|
return if (-e $suse_config); |
|
foreach my $port ($lond_port) { |
|
print "Closing firewall access on port $port\n"; |
my $firewall_command = |
my $firewall_command = |
"$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
"$iptables -D $fw_chain -p tcp -d 0/0 --dport $port -j ACCEPT"; |
system($firewall_command); |
system($firewall_command); |
Line 112 sub firewall_close_port {
|
Line 172 sub firewall_close_port {
|
# Bad command |
# Bad command |
print "Bad command error closing port. Command was\n". |
print "Bad command error closing port. Command was\n". |
" ".$firewall_command."\n"; |
" ".$firewall_command."\n"; |
|
} else { |
|
print "Port closed.\n"; |
} |
} |
} |
} |
|
return; |
|
} |
|
|
|
sub get_lond_port { |
|
my $perlvarref=&LONCAPA::Configuration::read_conf(); |
|
my $lond_port; |
|
if (ref($perlvarref) eq 'HASH') { |
|
if (defined($perlvarref->{'londPort'})) { |
|
$lond_port = $perlvarref->{'londPort'}; |
|
} |
|
} |
|
return $lond_port; |
} |
} |
|
|
} # End firewall variable scope |
} # End firewall variable scope |
Line 128 sub stop_daemon {
|
Line 202 sub stop_daemon {
|
my $daemonpid=<PIDFILE>; |
my $daemonpid=<PIDFILE>; |
chomp($daemonpid); |
chomp($daemonpid); |
kill TERM => $daemonpid; |
kill TERM => $daemonpid; |
sleep 1; |
my $count=0; |
|
while ($count++ < 5 && kill(0 => $daemonpid)) { |
|
sleep 1; |
|
} |
if (kill 0 => $daemonpid) { |
if (kill 0 => $daemonpid) { |
kill KILL => $daemonpid; |
kill KILL => $daemonpid; |
sleep 1; |
sleep 1; |
Line 152 sub stop_daemon {
|
Line 229 sub stop_daemon {
|
print("\n"); |
print("\n"); |
} |
} |
|
|
|
sub clean_sockets { |
if (($command eq "restartold") or ($command eq "reloadold")) { |
opendir(SOCKETS,"/home/httpd/sockets/"); |
print 'Restarting LON-CAPA'."\n"; |
my $perlvarref=&LONCAPA::Configuration::read_conf(); |
print 'Ending LON-CAPA client and daemon processes'."\n"; |
return if (ref($perlvarref) ne 'HASH'); |
foreach my $daemon ('lonsql','lond','lonc','lonhttpd','lonmemcached') { |
while (my $fname=readdir(SOCKETS)) { |
&stop_daemon($daemon,$daemon); |
next if (-d $fname |
|
|| $fname=~/(mysqlsock|maximasock|\Q$perlvarref->{'lonSockDir'}\E)/); |
|
unlink("/home/httpd/sockets/$fname"); |
} |
} |
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
} |
"\n"; |
|
system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'"); |
if ($command eq "restart") { |
} elsif ($command eq "restart") { |
|
print 'Restarting LON-CAPA'."\n"; |
print 'Restarting LON-CAPA'."\n"; |
print 'Ending LON-CAPA client and daemon processes'."\n"; |
print 'Ending LON-CAPA client and daemon processes'."\n"; |
foreach my $daemon ('lonsql','lond','lonc','lonhttpd','lonmemcached') { |
foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima') { |
my $killallname=$daemon; |
my $killallname=$daemon; |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
&stop_daemon($daemon,$killallname); |
&stop_daemon($daemon,$killallname); |
Line 175 if (($command eq "restartold") or ($comm
|
Line 253 if (($command eq "restartold") or ($comm
|
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
} elsif ($command eq "stop") { |
} elsif ($command eq "stop") { |
print 'Stopping LON-CAPA'."\n"; |
print 'Stopping LON-CAPA'."\n"; |
foreach my $daemon ('lonsql','lond','lonc','lonhttpd','lonmemcached') { |
foreach my $daemon ('lonsql','lond','lonc','lonmemcached','lonmaxima') { |
my $killallname=$daemon; |
my $killallname=$daemon; |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
if ($daemon eq 'lonc') { $killallname='loncnew'; } |
&stop_daemon($daemon,$killallname); |
&stop_daemon($daemon,$killallname); |
} |
} |
&firewall_close_port(); |
my $firewall_result = &firewall_close_port(); |
} elsif ($command eq "startold") { |
if ($firewall_result) { |
&firewall_open_port(); |
print "$firewall_result\n"; |
print 'Starting LON-CAPA'."\n"; |
} |
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
&clean_sockets(); |
"\n"; |
|
system("su www -c '/home/httpd/perl/loncron --oldlonc --justcheckdaemons'"); |
|
} elsif ($command eq "start") { |
} elsif ($command eq "start") { |
&firewall_open_port(); |
my $firewall_result = &firewall_open_port(); |
print 'Starting LON-CAPA'."\n"; |
if (($firewall_result eq 'ok') || ($firewall_result eq 'inactive firewall')) { |
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
if ($firewall_result eq 'inactive firewall') { |
"\n"; |
print "WARNING: iptables firewall is currently inactive\n"; |
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
} |
|
print 'Starting LON-CAPA'."\n"; |
|
print 'Starting LON-CAPA client and daemon processes (please be patient)'. |
|
"\n"; |
|
system("su www -c '/home/httpd/perl/loncron --justcheckdaemons'"); |
|
} else { |
|
print "Not starting LON-CAPA\n"; |
|
if ($firewall_result eq 'port number unknown') { |
|
print "Could not check for status of LON-CAPA port in running firewall - port number unknown. \n"; |
|
} elsif ($firewall_result) { |
|
print "$firewall_result\n"; |
|
} |
|
} |
} elsif ($command eq "reload") { |
} elsif ($command eq "reload") { |
print 'Reload LON-CAPA config files'."\n"; |
print 'Reload LON-CAPA config files'."\n"; |
system("su www -c '/home/httpd/perl/loncron --justreload'"); |
system("su www -c '/home/httpd/perl/loncron --justreload'"); |
} elsif ($command eq "status") { |
} elsif ($command eq "status") { |
$response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`; |
my $lond_port = &get_lond_port(); |
|
my $response=`/bin/cat /home/httpd/perl/logs/*.pid 2>&1`; |
if ($response=~/No such file or directory/) { |
if ($response=~/No such file or directory/) { |
print 'LON-CAPA is not running.'."\n"; |
print 'LON-CAPA is not running.'."\n"; |
} else { |
} else { |
Line 207 if (($command eq "restartold") or ($comm
|
Line 296 if (($command eq "restartold") or ($comm
|
if (! &firewall_is_active) { |
if (! &firewall_is_active) { |
print 'The iptables firewall is not active'."\n"; |
print 'The iptables firewall is not active'."\n"; |
} |
} |
if (&firewall_is_port_open()) { |
my $lond_port = &get_lond_port(); |
print 'The LON-CAPA port is open in firewall.'."\n"; |
if ($lond_port) { |
} elsif (&firewall_is_active) { |
if (&firewall_is_port_open($lond_port)) { |
print 'The LON-CAPA port is NOT open in running firewall!'."\n"; |
print "The LON-CAPA port ($lond_port) is open in firewall.\n"; |
|
} elsif (&firewall_is_active) { |
|
print "The LON-CAPA port ($lond_port) is NOT open in running firewall!\n"; |
|
} |
|
} else { |
|
if (&firewall_is_active) { |
|
print "Could not check for status of LON-CAPA port in running firewall - port number unknown.\n"; |
|
} else { |
|
print "LON-CAPA port number is unknown, and firewall is not running.\n"; |
|
} |
} |
} |
} else { |
} else { |
print 'You need to specify one of restart|stop|start|status on the command line.'."\n"; |
print "You need to specify one of restart|stop|start|status on the command line.\n"; |
} |
} |