ipsec and starter exit with LSB-compliant return codes
authorAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 28 Nov 2007 17:02:12 +0000 (17:02 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Wed, 28 Nov 2007 17:02:12 +0000 (17:02 -0000)
src/ipsec/ipsec.in
src/starter/starter.c

index d1cb680..3b73116 100755 (executable)
@@ -97,26 +97,36 @@ down)
        if [ "$#" -ne 1 ]
        then
            echo "Usage: ipsec down <connection name>"
-           exit 1
+           exit 2
        fi
-       if test -e $IPSEC_PLUTO_PID
+       rc=7
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK --name "$1" --terminate
+               rc="$?"
        fi
-       if test -e $IPSEC_CHARON_PID
+       if [ -e $IPSEC_CHARON_PID ]
        then
                $IPSEC_STROKE down "$1"
+               rc="$?"
        fi
-       exit 0
+       exit "$rc"
        ;;
 listalgs|listpubkeys|\listcards|\rereadgroups)
        op="$1"
        shift
-       if test -e $IPSEC_PLUTO_PID
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK "$@" "--$op"
+               exit "$?"
+       else
+               if [ -e $IPSEC_CHARON_PID ]
+               then
+                       exit 3
+               else
+                       exit 7
+               fi
        fi
-       exit 0
        ;;
 listcerts|listcacerts|listaacerts|\
 listacerts|listgroups|listocspcerts|\
@@ -125,32 +135,39 @@ rereadsecrets|rereadcacerts|rereadaacerts|\
 rereadacerts|rereadocspcerts|rereadcrls|\
 rereadall|purgeocsp)
        op="$1"
+       rc=7
        shift
-       if test -e $IPSEC_PLUTO_PID
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK "$@" "--$op"
+               rc="$?"
        fi
-       if test -e $IPSEC_CHARON_PID
+       if [ -e $IPSEC_CHARON_PID ]
        then
                $IPSEC_STROKE "$op" "$@"
+               rc="$?"
        fi
-       exit 0
+       exit "$rc"
        ;;
 ready)
        shift
-       if test -e $IPSEC_PLUTO_PID
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK --listen
+               exit 0
+       else
+               exit 7
        fi
-       exit 0
        ;;
 reload)
-       if test -e $IPSEC_STARTER_PID 
+       if [ -e $IPSEC_STARTER_PID ]
        then
-           echo "Reloading strongSwan IPsec configuration..." >&2
-           kill -s USR1 `cat $IPSEC_STARTER_PID`
+               echo "Reloading strongSwan IPsec configuration..." >&2
+               kill -s USR1 `cat $IPSEC_STARTER_PID`
+               exit 0
        else
-           echo "ipsec starter is not running" >&2
+               echo "ipsec starter is not running" >&2
+               exit 7
        fi
        exit 0
        ;;
@@ -163,37 +180,49 @@ restart)
        ;;
 route|unroute)
        op="$1"
+       rc=7
        shift
        if [ "$#" -ne 1 ]
        then
-           echo "Usage: ipsec $op <connection name>"
-           exit 1
+               echo "Usage: ipsec $op <connection name>"
+               exit 2
        fi
-       if test -e $IPSEC_PLUTO_PID
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK --name "$1" "--$op"
+               rc="$?"
        fi
-       if test -e $IPSEC_CHARON_PID
+       if [ -e $IPSEC_CHARON_PID ]
        then
                $IPSEC_STROKE "$op" "$1"
+               rc="$?"
        fi
-       exit 0
+       exit "$rc"
        ;;
 scencrypt|scdecrypt)
        op="$1"
        shift
-       if test -e $IPSEC_PLUTO_PID
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK "--$op" "$@"
+               exit "$?"
+       else
+               exit 7
        fi
-       exit 0
        ;;
 secrets)
-       if test -e $IPSEC_PLUTO_PID
+       rc=7
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK --rereadsecrets
+               rc="$?"
        fi
-       exit 0
+       if [ -e $IPSEC_CHARON_PID ]
+       then
+               $IPSEC_STROKE rereadsecrets
+               rc="$?"
+       fi
+       exit "$rc"
        ;;
 start)
        shift
@@ -201,65 +230,75 @@ start)
        ;;
 status|statusall)
        op="$1"
+       rc=7
        shift
-       if test $# -eq 0
+       if [ $# -eq 0 ]
        then
-               if test -e $IPSEC_PLUTO_PID
+               if [ -e $IPSEC_PLUTO_PID ]
                then
                        $IPSEC_WHACK "--$op"
+                       rc="$?"
                fi
-               if test -e $IPSEC_CHARON_PID
+               if [ -e $IPSEC_CHARON_PID ]
                then
                        $IPSEC_STROKE "$op"
+                       rc="$?"
                fi
        else
-               if test -e $IPSEC_PLUTO_PID
+               if [ -e $IPSEC_PLUTO_PID ]
                then
                        $IPSEC_WHACK --name "$1" "--$op"
+                       rc="$?"
                fi
-               if test -e $IPSEC_CHARON_PID
+               if [ -e $IPSEC_CHARON_PID ]
                then
                        $IPSEC_STROKE "$op" "$1"
+                       rc="$?"
                fi
        fi
-       exit 0
+       exit "$rc"
        ;;
 stop)
-       if test -e $IPSEC_STARTER_PID 
+       if [ -e $IPSEC_STARTER_PID ]
        then
-           echo "Stopping strongSwan IPsec..." >&2
-           kill `cat $IPSEC_STARTER_PID`
+               echo "Stopping strongSwan IPsec..." >&2
+               kill `cat $IPSEC_STARTER_PID`
+               exit 0
        else
-           echo "ipsec starter is not running" >&2
+               echo "ipsec starter is not running" >&2
+               exit 7
        fi
-       exit 0
        ;;
 up)
        shift
        if [ "$#" -ne 1 ]
        then
            echo "Usage: ipsec up <connection name>"
-           exit 1
+           exit 2
        fi
-       if test -e $IPSEC_PLUTO_PID
+       rc=7
+       if [ -e $IPSEC_PLUTO_PID ]
        then
                $IPSEC_WHACK --name "$1" --initiate
+               rc="$?"
        fi
-       if test -e $IPSEC_CHARON_PID
+       if [ -e $IPSEC_CHARON_PID ]
        then
-           $IPSEC_STROKE up "$1"
+               $IPSEC_STROKE up "$1"
+               rc="$?"
        fi
-       exit 0
+       exit "$rc"
        ;;
 update)
-       if test -e $IPSEC_STARTER_PID 
+       if [ -e $IPSEC_STARTER_PID ]
        then
                echo "Updating strongSwan IPsec configuration..." >&2
                kill -s HUP `cat $IPSEC_STARTER_PID`
+               exit 0
        else
                echo "ipsec starter is not running" >&2
+               exit 7
        fi
-       exit 0
        ;;
 version|--version)
        echo "Linux $IPSEC_NAME $IPSEC_VERSION"
@@ -269,7 +308,7 @@ version|--version)
        ;;
 --*)
        echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
-       exit 1
+       exit 2
        ;;
 esac
 
@@ -278,13 +317,13 @@ shift
 
 path="$IPSEC_DIR/$cmd"
 
-if test ! -x "$path" 
+if [ ! -x "$path" ]
 then
     path="$IPSEC_DIR/$cmd"
-    if test ! -x "$path"
+    if [ ! -x "$path" ]
     then
        echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
-       exit 1
+       exit 2
     fi
 fi
 
index fe3c2ad..aa4095d 100644 (file)
 #include "cmp.h"
 #include "interfaces.h"
 
+/**
+ * Return codes defined by Linux Standard Base Core Specification 3.1
+ * in section 20.2. Init Script Actions
+ */
+#define LSB_RC_SUCCESS               0   /* success                          */
+#define LSB_RC_FAILURE               1   /* generic or unspecified error     */
+#define LSB_RC_INVALID_ARGUMENT      2   /* invalid or excess argument(s)    */
+#define LSB_RC_NOT_IMPLEMENTED       3   /* unimplemented feature (reload)   */
+#define LSB_RC_NOT_ALLOWED           4   /* user had insufficient privilege  */
+#define LSB_RC_NOT_INSTALLED         5   /* program is not installed         */
+#define LSB_RC_NOT_CONFIGURED        6   /* program is not configured        */
+#define LSB_RC_NOT_RUNNING           7   /* program is not running           */
+
 #define FLAG_ACTION_START_PLUTO   0x01
 #define FLAG_ACTION_UPDATE        0x02
 #define FLAG_ACTION_RELOAD        0x04
@@ -131,7 +144,7 @@ usage(char *name)
 {
     fprintf(stderr, "Usage: starter [--nofork] [--auto-update <sec>] "
            "[--debug|--debug-more|--debug-all]\n");
-    exit(1);
+    exit(LSB_RC_INVALID_ARGUMENT);
 }
 
 int main (int argc, char **argv)
@@ -205,7 +218,7 @@ int main (int argc, char **argv)
     if (getuid() != 0)
     {
        plog("permission denied (must be superuser)");
-       exit(1);
+       exit(LSB_RC_NOT_ALLOWED);
     }
 
     if (stat(PLUTO_PID_FILE, &stb) == 0)
@@ -227,13 +240,13 @@ int main (int argc, char **argv)
     if (stat(DEV_RANDOM, &stb) != 0)
     {
        plog("unable to start strongSwan IPsec -- no %s!", DEV_RANDOM);
-       exit(1);
+       exit(LSB_RC_FAILURE);
     }
 
     if (stat(DEV_URANDOM, &stb)!= 0)
     {
        plog("unable to start strongSwan IPsec -- no %s!", DEV_URANDOM);
-       exit(1);
+       exit(LSB_RC_FAILURE);
     }
 
     cfg = confread_load(CONFIG_FILE);
@@ -244,14 +257,14 @@ int main (int argc, char **argv)
        {
            confread_free(cfg);
        }
-       exit(1);
+       exit(LSB_RC_INVALID_ARGUMENT);
     }
 
     /* determine if we have a native netkey IPsec stack */
     if (!starter_netkey_init())
     {
        plog("no netkey IPSec stack detected");
-       exit(1);
+       exit(LSB_RC_FAILURE);
     }
 
     last_reload = time(NULL);
@@ -259,7 +272,7 @@ int main (int argc, char **argv)
     if (stat(STARTER_PID_FILE, &stb) == 0)
     {
        plog("starter is already running (%s exists) -- no fork done", STARTER_PID_FILE);
-       exit(0);
+       exit(LSB_RC_SUCCESS);
     }
 
     /* fork if we're not debugging stuff */
@@ -287,7 +300,7 @@ int main (int argc, char **argv)
                plog("can't fork: %s", strerror(errno));
                break;
            default:
-               exit(0);
+               exit(LSB_RC_SUCCESS);
        }
     }
 
@@ -322,7 +335,7 @@ int main (int argc, char **argv)
 #endif /* LEAK_DETECTIVE */
            close_log();
            plog("ipsec starter stopped");
-           exit(0);
+           exit(LSB_RC_SUCCESS);
        }
 
        /*
@@ -643,7 +656,6 @@ int main (int argc, char **argv)
            _action_ |= FLAG_ACTION_UPDATE;
        }
     }
-
-    return 0;
+    exit(LSB_RC_SUCCESS);
 }