#! /bin/sh

# /etc/init.d/nslcd script for starting and stopping nslcd
# Copyright (C) 2006 West Consulting
# Copyright (C) 2006, 2008, 2009, 2010 Arthur de Jong
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
# 02110-1301 USA

### BEGIN INIT INFO
# Provides:          nslcd
# Required-Start:    $remote_fs $syslog
# Required-Stop:     $remote_fs $syslog
# Should-Start:      $named slapd
# X-Start-Before:    $mail-transport-agent mail-transport-agent exim4 sendmail nullmailer masqmail citadel cron atd autofs am-utils apache2
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: LDAP connection daemon
# Description:       nslcd is a LDAP connection daemon that is used to
#                    do LDAP queries for the NSS and PAM modules.
### END INIT INFO

PATH=/bin:/usr/bin:/sbin:/usr/sbin
NSLCD_BIN=/usr/sbin/nslcd
NSLCD_DESC="LDAP connection daemon"
NSLCD_CFG=/etc/nslcd.conf
NSLCD_STATEDIR=/var/run/nslcd
NSLCD_PIDFILE=$NSLCD_STATEDIR/nslcd.pid

[ -x "$NSLCD_BIN" ] || exit 0
[ -f "$NSLCD_CFG" ] || exit 0

. /lib/lsb/init-functions

# default options for k5start
K5START_BIN=/usr/bin/k5start
K5START_DESC="Keep alive Kerberos ticket"
K5START_START=""
K5START_PIDFILE=$NSLCD_STATEDIR/k5start_nslcd.pid
K5START_USER=$(sed -n 's/^uid *\([^ ]*\) *$/\1/ip' $NSLCD_CFG)
K5START_GROUP=$(sed -n 's/^gid *\([^ ]*\) *$/\1/ip' $NSLCD_CFG)
K5START_MODE=600
K5START_KEYTAB=/etc/krb5.keytab
K5START_CCREFRESH=60
K5START_PRINCIPAL="host/$(hostname -f)"
K5START_CCFILE=$(sed -n 's/^krb5_ccname *\(FILE:\)\?\([^: ]*\) *$/\2/ip' $NSLCD_CFG)

# check if we should use k5start by default (sasl_mech should be GSSAPI and
# krb5_ccname should be found)
if [ -x "$K5START_BIN" ] && \
   grep -q '^sasl_mech *GSSAPI$' $NSLCD_CFG && \
   [ -n "$K5START_CCFILE" ]
then
  K5START_START="yes"
fi

# read defaults
[ -f /etc/default/nslcd ] && . /etc/default/nslcd

k5start_start()
{
  if [ "$K5START_START" = "yes" ]
  then
    log_daemon_msg "Starting $K5START_DESC" "k5start"
    start-stop-daemon --start \
                      --pidfile $K5START_PIDFILE \
                      --exec $K5START_BIN -- \
                      -b -p $K5START_PIDFILE \
                      -o $K5START_USER \
                      -g $K5START_GROUP \
                      -m $K5START_MODE \
                      -f $K5START_KEYTAB \
                      -K $K5START_CCREFRESH \
                      -u $K5START_PRINCIPAL \
                      -k $K5START_CCFILE
    log_end_msg $?
  fi
}

k5start_stop()
{
  if [ "$K5START_START" = "yes" ]
  then
    log_daemon_msg "Stopping $K5START_DESC" "k5start"
    start-stop-daemon --stop --oknodo --pidfile $K5START_PIDFILE
    log_end_msg $?
    # remove any left behind files
    [ -n "$K5START_PIDFILE" ] && rm -f $K5START_PIDFILE
    [ -n "$K5START_CCFILE" ] && rm -f $K5START_CCFILE
  fi
}

k5start_status()
{
  if [ "$K5START_START" = "yes" ]
  then
    status_of_proc -p "$K5START_PIDFILE" "$K5START_BIN" "k5start"
  fi
}

case "$1" in
start)
  # set up state directory
  [ -d "$NSLCD_STATEDIR" ] || ( mkdir -m 755 "$NSLCD_STATEDIR" ; \
                                chown nslcd:nslcd "$NSLCD_STATEDIR" )
  # start k5start if needed
  k5start_start
  # start nslcd
  log_daemon_msg "Starting $NSLCD_DESC" "nslcd"
  start-stop-daemon --start --oknodo \
                    --pidfile $NSLCD_PIDFILE \
                    --startas $NSLCD_BIN
  log_end_msg $?
  ;;
stop)
  # stop nslcd
  log_daemon_msg "Stopping $NSLCD_DESC" "nslcd"
  start-stop-daemon --stop --oknodo \
                    --pidfile $NSLCD_PIDFILE \
                    --name nslcd
  log_end_msg $?
  [ -n "$NSLCD_PIDFILE" ] && rm -f $NSLCD_PIDFILE
  # stop k5start
  k5start_stop
  ;;
restart|force-reload)
  [ -d "$NSLCD_STATEDIR" ] || ( mkdir -m 755 "$NSLCD_STATEDIR" ; \
                                chown nslcd:nslcd "$NSLCD_STATEDIR" )
  log_daemon_msg "Restarting $NSLCD_DESC" "nslcd"
  start-stop-daemon --stop --quiet --retry 10 \
                    --pidfile $NSLCD_PIDFILE \
                    --name nslcd
  log_end_msg $?
  [ -n "$NSLCD_PIDFILE" ] && rm -f $NSLCD_PIDFILE
  k5start_stop
  k5start_start
  start-stop-daemon --start \
                    --pidfile $NSLCD_PIDFILE \
                    --startas $NSLCD_BIN
  log_end_msg $?
  ;;
status)
  if [ -f "$NSLCD_PIDFILE" ]
  then
    if $NSLCD_BIN --check
    then
      log_success_msg "nslcd running (pid `cat $NSLCD_PIDFILE`)"
      exit 0
    else
      log_success_msg "nslcd stopped"
      exit 1
    fi
  else
    log_success_msg "nslcd stopped"
    exit 3
  fi
  k5start_status
  ;;
*)
  log_success_msg "Usage: $0 {start|stop|restart|force-reload|status}"
  exit 1
  ;;
esac

exit 0