ports/107675: security/vpnc suggest rc.d script

Dominic Fandrey lon_kamikaze at gmx.de
Mon Jan 8 11:50:13 UTC 2007


>Number:         107675
>Category:       ports
>Synopsis:       security/vpnc suggest rc.d script
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 08 11:50:12 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Dominic Fandrey
>Release:        Releng_6
>Organization:
private
>Environment:
FreeBSD mobileKamikaze.norad 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #0: Sat Jan  6 20:03:48 CET 2007     root at homeKamikaze.norad:/usr/obj/TPR40-6/i386/usr/src/sys/TPR40-6  i386
>Description:
Vpnc doesn't come with a proper rc.d script. I have written one and suggest that it be merged into the port.
>How-To-Repeat:

>Fix:
#!/bin/sh
#
# Author:	kamikaze
# Contact:	LoN_Kamikaze at gmx.de
#
# If vpnc_conf is defined, it will be treated as a list of configuration files
# in vpnc_conf_dir. This managed mode is useful where vpnc tunnels have
# to be established through other vpnc tunnels.
#

# PROVIDE: vpnc
# REQUIRE: NETWORKING
# KEYWORD: FreeBSD shutdown

# Built-in defaults. Each assignment only takes effect while the variable is
# still unset, so a value that is already set is left alone. Do not edit them
# here.
: "${vpnc_enable=NO}"
: "${vpnc_flags=}"
: "${vpnc_conf=}"
# The next three are consulted only in managed mode (vpnc_conf non-empty).
# NOTE(review): vpnc_start/vpnc_stop rename and append to files below
# vpnc_pid_dir; this presumably relies on the directory being writable by
# root only -- confirm before pointing it anywhere other than /var/run.
: "${vpnc_pid_dir=/var/run}"
: "${vpnc_conf_dir=/usr/local/etc}"
# NOTE(review): vpnc_record is derived from vpnc_pid_dir at this point, which
# is before load_rc_config runs at the bottom of the script; a vpnc_pid_dir
# that is first set by load_rc_config may not be reflected here -- confirm.
: "${vpnc_record=$vpnc_pid_dir/vpnc.record}"

. /etc/rc.subr

name="vpnc"
rcvar=$(set_rcvar)

command="/usr/local/sbin/${name}"

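#
# vpnc_start -- bring up vpnc.
#
# Unmanaged mode (vpnc_conf empty): run vpnc once with vpnc_flags and return
# its exit status.
#
# Managed mode (vpnc_conf non-empty): treat vpnc_conf as a whitespace
# separated list of file names below vpnc_conf_dir and start one vpnc
# instance per entry, in list order. After each successful start the state
# files are renamed to per-configuration names and the entry is appended to
# vpnc_record, so that vpnc_stop can undo the connections one by one.
#
# Globals:  command, vpnc_conf, vpnc_conf_dir, vpnc_pid_dir, vpnc_record (read)
#           vpnc_flags (read; " --local-port 0" is appended in managed mode)
#           config, current, status (written)
# Returns:  the exit status of the first vpnc invocation that fails;
#           otherwise the status of the last command run.
#
vpnc_start() {
	if [ -z "$vpnc_conf" ]; then
		# No configuration files given, run unmanaged.
		$command $vpnc_flags
		return $?
	fi

	# Wait for the system to catch up. It's necessary to wait a bit, if
	# for example the device to tunnel through has just been brought up.
	/bin/sleep 1

	# Make vpnc use random ports to allow multiple instances.
	vpnc_flags="$vpnc_flags --local-port 0"

	# vpnc_conf is split on whitespace on purpose: it is a list.
	# The standard "do ... done" loop form is used instead of the
	# non-POSIX "for ...; { ... }" spelling.
	for config in $vpnc_conf; do
		# The current configuration file.
		current="$vpnc_conf_dir/$config"

		# vpnc_flags is a flag list and must be split into words; the
		# path is a single argument and is quoted so that whitespace
		# or glob characters in vpnc_conf_dir cannot turn it into
		# several arguments.
		$command $vpnc_flags "$current"

		# Give up on errors. Connections established by earlier
		# iterations stay up and stay listed in vpnc_record.
		status=$?
		if [ "$status" -ne 0 ]; then
			echo
			echo "Running 'vpnc $vpnc_flags $current' returned $status."
			return "$status"
		fi

		# Move the state files from their fixed names to
		# per-configuration names to allow a clean shutdown of
		# multiple connections. Errors from the last two moves are
		# discarded (presumably those files are not always present).
		# NOTE(review): the renames and the append below act on
		# vpnc_pid_dir with the privileges of this script; this
		# assumes the directory is not writable by unprivileged
		# users -- confirm if it is ever changed from /var/run.
		/bin/mv "$vpnc_pid_dir/vpnc.pid" "$vpnc_pid_dir/vpnc.$config.pid"
		/bin/mv "$vpnc_pid_dir/vpnc.defaultroute" "$vpnc_pid_dir/vpnc.$config.defaultroute" 2> /dev/null
		/bin/mv "$vpnc_pid_dir/vpnc.resolv.conf-backup" "$vpnc_pid_dir/vpnc.$config.resolv.conf-backup" 2> /dev/null
		echo "$config" >> "$vpnc_record"

		# Wait for the system to catch up.
		/bin/sleep 1
	done
}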

#
# vpnc_stop -- take vpnc down again.
#
# When vpnc_record does not exist, vpnc-disconnect is run once and its exit
# status is returned (unmanaged shutdown). When it exists, its entries are
# processed last to first: for each one the per-configuration state files are
# renamed back to the fixed names and vpnc-disconnect is run. The record is
# removed afterwards.
#
# Globals:  command, vpnc_pid_dir, vpnc_record (read); config (written)
#
vpnc_stop() {
	if [ ! -e "$vpnc_record" ]; then
		/bin/sleep 1
		# There's no record of connections, assume unmanaged shutdown.
		${command}-disconnect
		return $?
	fi

	# A record of vpnc connections is present. Attempt a managed
	# shutdown; "tail -r" yields the entries newest first.
	# NOTE(review): every entry read from the record becomes part of the
	# paths handed to mv below; this assumes the record can only have been
	# written by vpnc_start, i.e. that vpnc_pid_dir is not writable by
	# unprivileged users -- confirm.
	for config in $(/usr/bin/tail -r "$vpnc_record"); do
		# Wait to give the system a chance to catch up with recent
		# changes.
		/bin/sleep 1

		# Put this connection's files back under the fixed names.
		# Errors from the last two moves are discarded.
		/bin/mv "${vpnc_pid_dir}/vpnc.${config}.pid" "${vpnc_pid_dir}/vpnc.pid"
		/bin/mv "${vpnc_pid_dir}/vpnc.${config}.defaultroute" "${vpnc_pid_dir}/vpnc.defaultroute" 2> /dev/null
		/bin/mv "${vpnc_pid_dir}/vpnc.${config}.resolv.conf-backup" "${vpnc_pid_dir}/vpnc.resolv.conf-backup" 2> /dev/null

		# Run the disconnect command.
		${command}-disconnect
	done

	# Remove the connection record.
	/bin/rm "$vpnc_record"
}

# Register the two handlers defined above as the start and stop actions.
start_cmd="vpnc_start"
stop_cmd="vpnc_stop"

# Load the rc configuration for this service, then dispatch on the action
# given as the first argument. Both helpers are not defined in this file;
# they are expected to come from the sourced /etc/rc.subr.
load_rc_config "${name}"
run_rc_command "$1"
>Release-Note:
>Audit-Trail:
>Unformatted:


