63 lines
1.6 KiB
Bash
Executable file
63 lines
1.6 KiB
Bash
Executable file
#! /bin/sh
|
|
|
|
### BEGIN INIT INFO
|
|
# Provides: samba-ad-dc
|
|
# Required-Start: $network $local_fs $remote_fs autofs
|
|
# Required-Stop: $network $local_fs $remote_fs
|
|
# Default-Start: 2 3 4 5
|
|
# Default-Stop: 0 1 6
|
|
# Short-Description: Samba daemons for the AD DC
|
|
# Description: Meta-service to provide AD and SMB/CIFS services to clients
|
|
### END INIT INFO
|
|
|
|
NAME=samba
|
|
DAEMON=/usr/sbin/$NAME
|
|
PIDFILE=/run/samba/$NAME.pid
|
|
DESC="Samba AD DC server"
|
|
SCRIPT=samba-ad-dc
|
|
|
|
# clear conflicting settings from the environment
|
|
unset TMPDIR
|
|
|
|
test -x $DAEMON || exit 0
|
|
/usr/share/samba/is-configured $NAME || exit 0
|
|
|
|
[ -f /etc/default/samba ] && . /etc/default/samba
|
|
|
|
. /lib/lsb/init-functions
|
|
|
|
case "$1" in
|
|
(start)
|
|
# CVE-2013-4475
|
|
KEYFILE=/var/lib/samba/private/tls/key.pem
|
|
if [ -e $KEYFILE ]
|
|
then
|
|
KEYPERMS=`stat -c %a $KEYFILE`
|
|
if [ "$KEYPERMS" != "600" ]
|
|
then
|
|
echo "wrong permission on $KEYFILE, must be 600"
|
|
echo "samba will not start (CVE-2013-4475)"
|
|
echo "Removing all tls .pem files will cause an auto-regeneration with the correct permissions."
|
|
exit 1
|
|
fi
|
|
fi
|
|
log_daemon_msg "Starting $DESC" $NAME
|
|
start-stop-daemon --start --quiet --oknodo --exec $DAEMON --pidfile $PIDFILE -- -D $SAMBAOPTIONS
|
|
log_end_msg $?
|
|
;;
|
|
(stop)
|
|
log_daemon_msg "Stopping $DESC" $NAME
|
|
start-stop-daemon --stop --quiet --oknodo --exec $DAEMON --pidfile $PIDFILE
|
|
log_end_msg $?
|
|
;;
|
|
(restart|force-reload)
|
|
$0 stop && sleep 1 && $0 start
|
|
;;
|
|
(status)
|
|
status_of_proc -p $PIDFILE $DAEMON $NAME
|
|
;;
|
|
(*)
|
|
echo "Usage: /etc/init.d/$SCRIPT {start|stop|restart|force-reload|status}"
|
|
exit 1
|
|
;;
|
|
esac
|