[debian-edu-commits] [Git][debian-edu/debian-edu-config][personal/gber/init.d-invocation] Replace direct invocation of init scripts with invoke-rc.d where possible

Guido Berhörster (@gber) gitlab at salsa.debian.org
Fri Sep 15 13:12:29 BST 2023 


Guido Berhörster pushed to branch personal/gber/init.d-invocation at Debian Edu / debian-edu-config


Commits:
c4b9f493 by Guido Berhoerster at 2023-09-15T14:12:02+02:00
Replace direct invocation of init scripts with invoke-rc.d where possible

The invocation of /etc/init.d/networking during installation cannot be replaced
because invoke-rc.d might not start services which are disabled via
policy-rc.d.  Replace the start and stop of slapd by inlining a streamlined
version of the sysv-init script code.

- - - - -


7 changed files:

- etc/resolvconf/update.d/bind-debian-edu
- sbin/debian-edu-restart-services
- share/debian-edu-config/d-i/finish-install
- share/debian-edu-config/d-i/pre-pkgsel
- share/debian-edu-config/tools/kerberos-kdc-init
- share/debian-edu-config/tools/ldapdump.sh
- testsuite/ldap-client


Changes:

=====================================
etc/resolvconf/update.d/bind-debian-edu
=====================================
@@ -98,5 +98,5 @@ else
 	mv -f "$TMP_FILE" "$OPTS_FILE"
 	# /usr/sbin/ for invoke-rc.d
 	PATH=$PATH:/usr/sbin
-	[ -x /etc/init.d/named ] && invoke-rc.d named reload > /dev/null 2>&1 || :
+	invoke-rc.d named reload > /dev/null 2>&1 || :
 fi


=====================================
sbin/debian-edu-restart-services
=====================================
@@ -52,7 +52,7 @@ sysvinit_restart_services () {
     done
 
     echo "Info: Restarting networking"
-    /etc/init.d/networking restart || /bin/true
+    invoke-rc.d networking restart || true
 
     echo "info: Starting services in sequence."
     for ALL in /etc/rc2.d/S* ; do 


=====================================
share/debian-edu-config/d-i/finish-install
=====================================
@@ -17,7 +17,10 @@ log() {
 # make sure /var/ is umounted and clean on first boot.
 deconfigure_network() {
 	if [ -e /tmp/debian-edu-nonetwork ] ; then
-		in-target /bin/sh -c "/etc/init.d/networking stop" || true
+		# FIXME since this is run in D-I invoke-rc.d cannot be used
+		# here, the sysv-init script should probably be replaced by an
+		# equivalent script of our own
+		in-target /bin/sh -c "/etc/init.d/networking networking stop" || true
 	fi
 }
 


=====================================
share/debian-edu-config/d-i/pre-pkgsel
=====================================
@@ -216,6 +216,9 @@ EOF
 	# Redirecting fd 3 as a workaround for skolelinux bug #1229.
 	# make sure the redirecting happen inside the chroot, as
 	# in-target need to talk to debconf.
+	# FIXME since this is run in D-I invoke-rc.d cannot be used
+	# here, the sysv-init script should probably be replaced by an
+	# equivalent script of our own
 	in-target /bin/sh -c "/etc/init.d/networking start 3> /dev/null" || true
 	touch /tmp/debian-edu-nonetwork
     fi


=====================================
share/debian-edu-config/tools/kerberos-kdc-init
=====================================
@@ -274,36 +274,93 @@ if [ -f $STASHFILE ] ; then
     exit 1
 fi
 
-## check if slapd is running:
-PID=`pidof slapd || /bin/true`
-if [ -z "$PID" ]; then
+## check if slapd is already running, otherwise start now
+slapd_started=false
+if ! pidof -q slapd; then
     echo "The ldap server slapd seems not to be running. Trying to start slapd." 1>&2
     if [ -x /sbin/start-stop-daemon.REAL ] ; then
 	## needed to start slapd during installation:
 	mv /sbin/start-stop-daemon /sbin/start-stop-daemon.FAKE
 	cp /sbin/start-stop-daemon.REAL /sbin/start-stop-daemon
     fi
-    /etc/init.d/slapd start
+
+    [ -f "/etc/default/slapd" ] && . /etc/default/slapd
+
+    # Load the default location of the slapd config file
+    if [ -z "${SLAPD_CONF}" ]; then
+	    if [ -e /etc/ldap/slapd.d ]; then
+		    SLAPD_CONF=/etc/ldap/slapd.d
+	    else
+		    SLAPD_CONF=/etc/ldap/slapd.conf
+	    fi
+    fi
+
+    # Stop processing if the config file is not there
+    [ -r "$SLAPD_CONF" ] || return 1
+
+    # extend options depending on config type
+    [ -f "${SLAPD_CONF}" ] && "-f ${SLAPD_CONF} ${SLAPD_OPTIONS}"
+    [ -d "${SLAPD_CONF}" ] && "-F ${SLAPD_CONF} ${SLAPD_OPTIONS}"
+
+    # Find out the name of slapd's pid file
+    if [ -z "$SLAPD_PIDFILE" ]; then
+	    # If using old one-file configuration scheme
+	    if [ -f "$SLAPD_CONF" ] ; then
+		    SLAPD_PIDFILE="$(awk '$1 == "pidfile" { print $2 }'
+			"${SLAPD_CONF}")"
+	    # Else, if using new directory configuration scheme
+	    elif [ -d "$SLAPD_CONF" ] ; then
+		    SLAPD_PIDFILE="$(awk '$1 == "olcPidFile:" { print $2 }'
+			"${SLAPD_CONF}/cn=config.ldif")"
+	    fi
+    fi
+    [ -n "$SLAPD_PIDFILE" ] || return 1
+
+    # Pass the user and group to run under to slapd
+    SLAPD_OPTIONS="${SLAPD_USER:+-u ${SLAPD_USER} }${SLAPD_OPTIONS}"
+    SLAPD_OPTIONS="${SLAPD_USER:+-g ${SLAPD_USER} }${SLAPD_OPTIONS}"
+
+    # Make sure /var/run/slapd exists with correct permissions
+    if [ ! -d /var/run/slapd ]; then
+	    mkdir -p /var/run/slapd
+	    [ -z "${SLAPD_USER}" ] || chown -R "${SLAPD_USER}" /var/run/slapd
+	    [ -z "${SLAPD_GROUP}" ] || chgrp -R "${SLAPD_GROUP}" /var/run/slapd
+    fi
+
+    # Make sure the pidfile directory exists with correct permissions
+    piddir="$(dirname "${SLAPD_PIDFILE}")"
+    if [ ! -d "${piddir}" ]; then
+	    mkdir -p -m 750 "$piddir"
+	    [ -z "${SLAPD_USER}" ] || chown -R "${SLAPD_USER}" "${piddir}"
+	    [ -z "${SLAPD_GROUP}" ] || chgrp -R "${SLAPD_GROUP}" "${piddir}"
+    fi
+
+    # Start slapd
+    start-stop-daemon --start --quiet --oknodo \
+	--pidfile "${SLAPD_PIDFILE}" --exec $SLAPD -- \
+	${SLAPD_SERVICES:+-h "${SLAPD_SERVICES}" }${SLAPD_OPTIONS}
     slapd_started=true
 
     # Make sure there is no race problem if kerberos try to talk to slapd
     # before it is operational.
     sleep 5
-fi
 
-PID=`pidof slapd || /bin/true`
-if [ -z "$PID" ]; then
-    echo "error: the ldap server is not running. Skipping KDC setup." 1>&2
-    exit 1
-else
-    mit_kerberos
-    mit_kerberos_kdc $LDAP_PW $KDC_PW
-    firstuser_post || echo "error: unable to set up first LDAP user."
-    firstuser_samba || echo "error: unable to add first user Samba settings."
+    # Ensure slapd is running
+    if ! start-stop-daemon --status --quiet --pidfile "${SLAPD_PIDFILE}" \
+	--exec ${SLAPD}; then
+	echo "error: the ldap server is not running. Skipping KDC setup." 1>&2
+	exit 1
+    fi
 fi
 
-if [ true = "$slapd_started" ] ; then
-    /etc/init.d/slapd stop
+mit_kerberos
+mit_kerberos_kdc $LDAP_PW $KDC_PW
+firstuser_post || echo "error: unable to set up first LDAP user."
+firstuser_samba || echo "error: unable to add first user Samba settings."
+
+if ${slapd_started}; then
+    start-stop-daemon --stop --quiet --pidfile "${SLAPD_PIDFILE}" \
+	--exec ${SLAPD}
     if [ -x /sbin/start-stop-daemon.REAL ] ; then
 	mv /sbin/start-stop-daemon.FAKE /sbin/start-stop-daemon
     fi


=====================================
share/debian-edu-config/tools/ldapdump.sh
=====================================
@@ -34,11 +34,12 @@ at_exit() {
 trap at_exit INT TERM EXIT
 
 # do the LDAP-databasedump (slapcat)
-if [ -x /etc/init.d/slapd -a -x /usr/sbin/slapcat ]; then
+invoke-rc.d --query slapd start 2>/dev/null
+if [ $? -ne 100 ] && [ -x /usr/sbin/slapcat ]; then
     logger -t ldapdump.sh "stopping slapd to back up the database"
     count=5
-    while /etc/init.d/slapd status && [ 0 -gt $count ] ; do
-	/etc/init.d/slapd stop
+    while invoke-rc.d slapd status && [ 0 -gt $count ] ; do
+	invoke-rc.d slapd stop
 	sleep 1
 	count=$(($count - 1))
     done
@@ -47,8 +48,8 @@ if [ -x /etc/init.d/slapd -a -x /usr/sbin/slapcat ]; then
     logger -t ldapdump.sh "starting slapd after backing up the database"
     slapdstarted=false
     count=5
-    while ! /etc/init.d/slapd status && [ 0 -gt $count ]; do
-	if /etc/init.d/slapd start ; then
+    while ! invoke-rc.d slapd status && [ 0 -gt $count ]; do
+	if invoke-rc.d slapd start ; then
 	    slapdstarted=true
 	else
 	    sleep 1
@@ -63,7 +64,7 @@ if [ -x /etc/init.d/slapd -a -x /usr/sbin/slapcat ]; then
 	exit 1
     fi
 else
-    echo "Either /etc/init.d/slapd or /usr/sbin/slapcat was not executable."
+    echo "Either slapd service is not allowed to be started or /usr/sbin/slapcat was not executable."
     echo "Bailing out.."
     exit 1
 fi


=====================================
testsuite/ldap-client
=====================================
@@ -107,7 +107,7 @@ else
 fi
 
 for service in $SERVICES ; do
-    if /etc/init.d/$service status > /dev/null 2>&1; then
+    if invoke-rc.d $service status > /dev/null 2>&1; then
 	success "$service service is operational."
     else
 	error "$service service is not operational."



View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/commit/c4b9f4935eba2fc822bba13456d328972cd3c387

-- 
View it on GitLab: https://salsa.debian.org/debian-edu/debian-edu-config/-/commit/c4b9f4935eba2fc822bba13456d328972cd3c387
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-edu-commits/attachments/20230915/87d294f1/attachment-0001.htm>

More information about the debian-edu-commits mailing list