#!/bin/sh
#
# myproxy-server - Server for X.509 Public Key Infrastructure (PKI) security credentials
#
# chkconfig: 235 55 25
# description:  Server for X.509 Public Key Infrastructure (PKI) security credentials
#
### BEGIN INIT INFO
# Provides: myproxy-server
# Required-Start:  $remote_fs $network $syslog
# Required-Stop:  $remote_fs $syslog
# Should-Start:  $syslog
# Should-Stop:  $network $syslog
# Default-Stop: 0 1 4 6
# Default-Start: 2 3 5
# Short-Description: Startup the MyProxy server daemon
# Description: Server for X.509 Public Key Infrastructure (PKI) security credentials
### END INIT INFO

# Source function library.
. /lib/lsb/init-functions

exec="/usr/sbin/myproxy-server"
prog=$(basename $exec)

# Defaults
MYPROXY_USER=myproxy
MYPROXY_OPTIONS="-s /var/lib/myproxy"
X509_USER_CERT=/etc/grid-security/myproxy/hostcert.pem
X509_USER_KEY=/etc/grid-security/myproxy/hostkey.pem
export X509_USER_CERT
export X509_USER_KEY
PIDFILE=/run/myproxy.pid

# Override defaults here.
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog

# Start/Stop the myproxy daemon as user $MYPROXY_USER
# Is there a better LSB idiom for this?
if [ "$(id -u)" = 0 ]; then
    userexist="$(getent passwd "$MYPROXY_USER" | cut -d: -f3)"
    if [ "$userexist" != "" ] && [ "$userexist" != 0 ]; then
        exec su "$MYPROXY_USER" -s /bin/sh -c "$0 ${1+"$@"}"
    fi
fi

# A few sanity checks 
if [ "$1" != "status" ]; then
	[ ! -f $X509_USER_KEY ]  && log_failure_msg "$prog: No hostkey file"  && exit 0
	[ ! -r $X509_USER_KEY ]  && log_failure_msg "$prog: Unable to read hostkey file $X509_USER_KEY"  && exit 0
	[ ! -r $X509_USER_CERT ] && log_failure_msg "$prog: No hostcert file" && exit 0
	[ ! -r $X509_USER_CERT ] && log_failure_msg "$prog: Unable to read hostcert file" && exit 0
fi

start() {
    pidofproc $prog > /dev/null && log_warning_msg "$prog already running" && exit 0
    cd /
    X509_USER_CERT=$X509_USER_CERT X509_USER_KEY=$X509_USER_KEY start_daemon -p $PIDFILE "$exec" ${MYPROXY_OPTIONS}
    retval="$?"
    if [ "$retval" -eq 0 ]; then
	log_success_msg "Started $prog"
	pidofproc "$exec" > "$PIDFILE"
    else
	log_failure_msg "Error starting $prog"
    fi
    return $retval
}

stop() {
    killproc -p $PIDFILE "$exec"
    retval=$?
    if [ "$retval" -eq 0 ]; then
        log_success_msg "Stopped $prog"
    else
        log_success_msg "Error stopping $prog"
    fi
    return $retval
}

restart() {
    stop
    start
}

case "$1" in
    start|stop|restart)
        $1
        ;;
    force-reload)
        restart
        ;;
    status)
        pidofproc -p $PIDFILE $prog > /dev/null
	result="$?"
	if [ "$result" -eq 0 ]; then
	    log_success_msg "$prog is running"
	else
	    log_failure_msg "$prog is not running"
	fi
	exit $result
        ;;
    try-restart|condrestart)
        if pidofproc -p $PIDFILE $prog >/dev/null ; then
            restart
        fi
	;;
    reload)
        # If config can be reloaded without restarting, implement it here,
        # remove the "exit", and add "reload" to the usage message below.
        # For example:
        pidofproc -p $PIDFILE $prog >/dev/null || exit 3
        killproc -p $PIDFILE $prog -HUP
        ;;
    *)
        echo $"Usage: $0 {start|stop|status|restart|reload|try-restart|force-reload}"
        exit 2
esac
