[BACK]Return to rtadvd CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / etc / rc.d

File: [cvs.NetBSD.org] / src / etc / rc.d / rtadvd (download)

Revision 1.8, Tue Jul 9 09:34:58 2013 UTC (10 years, 8 months ago) by roy
Branch: MAIN
CVS Tags: yamt-pagecache-base9, tls-maxphys-base, tls-earlyentropy-base, tls-earlyentropy, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, pgoyette-localcount-base, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, netbsd-7-nhusb-base, netbsd-7-base, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, localcount-20160914
Branch point for: pgoyette-localcount, netbsd-7-nhusb, netbsd-7-0, netbsd-7
Changes since 1.7: +38 -7 lines

Add _rtadvd user and group.
Add a chroot dir for the _rtadvd user.
Drop privs to the user _rtadvd after acquiring our socket.
When rc.d/rtadvd starts or reloads, the rtadvd config file is copied
into the chroot before starting or reloading rtadvd itself.
Create a symlink from /var/run/rtadvd.dump to the chroot

Inital idea from OpenBSD patch rtadvd.c r1.36

#!/bin/sh
#
# $NetBSD: rtadvd,v 1.8 2013/07/09 09:34:58 roy Exp $
#

# PROVIDE: rtadvd
# REQUIRE: DAEMON
# BEFORE:  LOGIN

$_rc_subr_loaded . /etc/rc.subr

name=rtadvd
rcvar=$name
command="/usr/sbin/$name"
pidfile="/var/run/$name.pid"
extra_commands=reload
start_precmd=rtadvd_prestart
reload_precmd=rtadvd_prereload

rtadvd_prereload()
{
	local chdir="$(getent passwd _rtadvd | cut -d: -f6)"
	local conf=/etc/rtadvd.conf myflags o confdir
	
	[ -z "$chdir" -o "$chdir" = / ] && return 0

	if [ -n "$flags" ]; then
		myflags=$flags
	else
		eval myflags=\$${name}_flags
	fi
	set -- ${myflags}
	while getopts c:dDfM:Rs o; do
		case "$1" in
		-c)	conf="$OPTARG";;
		esac
		shift
	done
	confdir=$(dirname "$conf")
	
	echo "$name: copying $conf to $chdir$conf"
	cp "$conf" "$chdir$conf"

	# Provide a link to the chrooted dump file
	ln -snf "$chdir/var/run/$name.dump" /var/run
}

rtadvd_prestart()
{
	if [ "$ip6mode" != router ]; then
		warn \
	"${name} cannot be used on IPv6 host, only on an IPv6 router."
		return 1
	fi

	rtadvd_prereload
}

load_rc_config $name
run_rc_command "$1"