qubes-updates-proxy 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121
  1. #!/bin/bash
  2. #
  3. # tinyproxy Startup script for the tinyproxy server as Qubes updates proxy
  4. #
  5. # chkconfig: - 85 15
  6. # description: small, efficient HTTP/SSL proxy daemon
  7. #
  8. # processname: tinyproxy
  9. # config: /etc/tinyproxy/tinyproxy-updates.conf
  10. # config: /etc/sysconfig/tinyproxy-updates
  11. # pidfile: /var/run/tinyproxy/tinyproxy-updates.pid
  12. #
  13. # Note: pidfile is created by tinyproxy in its config
  14. # see PidFile in the configuration file.
  15. # Source function library.
  16. . /etc/rc.d/init.d/functions
  17. # Source networking configuration.
  18. . /etc/sysconfig/network
  19. # Check that networking is up.
  20. [ "$NETWORKING" = "no" ] && exit 0
  21. exec="/usr/sbin/tinyproxy"
  22. prog=$(basename $exec)
  23. config="/etc/tinyproxy/tinyproxy-updates.conf"
  24. pidfile="/var/run/tinyproxy-updates/tinyproxy.pid"
  25. [ -e /etc/sysconfig/tinyproxy-updates ] && . /etc/sysconfig/tinyproxy-updates
  26. lockfile=/var/lock/subsys/tinyproxy-updates
  27. start() {
  28. type=`/usr/bin/qubesdb-read /qubes-vm-type`
  29. start_updates_proxy=`/usr/bin/qubesdb-read /qubes-service/qubes-updates-proxy 2>/dev/null`
  30. if [ -z "$start_updates_proxy" ] && [ "$type" != "NetVM" ] || [ "$start_updates_proxy" != "1" ]; then
  31. # Yum proxy disabled
  32. exit 0
  33. fi
  34. [ -x $exec ] || exit 5
  35. [ -f $config ] || exit 6
  36. # setup network redirection
  37. /sbin/iptables -I INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
  38. /sbin/iptables -t nat -A PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
  39. echo -n $"Starting $prog (as Qubes updates proxy): "
  40. daemon $exec -c $config
  41. retval=$?
  42. echo
  43. [ $retval -eq 0 ] && touch $lockfile
  44. return $retval
  45. }
  46. stop() {
  47. echo -n $"Stopping $prog: "
  48. killproc -p $pidfile $prog
  49. retval=$?
  50. echo
  51. /sbin/iptables -t nat -D PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
  52. /sbin/iptables -D INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
  53. [ $retval -eq 0 ] && rm -f $lockfile
  54. return $retval
  55. }
  56. restart() {
  57. stop
  58. start
  59. }
  60. reload() {
  61. echo -n $"Reloading $prog: "
  62. killproc -p $pidfile $prog -HUP
  63. echo
  64. }
  65. force_reload() {
  66. restart
  67. }
  68. rh_status() {
  69. status $prog
  70. }
  71. rh_status_q() {
  72. rh_status >/dev/null 2>&1
  73. }
  74. case "$1" in
  75. start)
  76. rh_status_q && exit 0
  77. $1
  78. ;;
  79. stop)
  80. rh_status_q || exit 0
  81. $1
  82. ;;
  83. restart)
  84. $1
  85. ;;
  86. reload)
  87. rh_status_q || exit 7
  88. $1
  89. ;;
  90. force-reload)
  91. force_reload
  92. ;;
  93. status)
  94. rh_status
  95. ;;
  96. condrestart|try-restart)
  97. rh_status_q || exit 0
  98. restart
  99. ;;
  100. *)
  101. echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
  102. exit 2
  103. esac
  104. exit $?