qubes-updates-proxy 2.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124
  1. #!/bin/bash
  2. #
  3. # tinyproxy Startup script for the tinyproxy server as Qubes updates proxy
  4. #
  5. # chkconfig: 345 85 15
  6. # description: small, efficient HTTP/SSL proxy daemon
  7. #
  8. # processname: tinyproxy
  9. # config: /etc/tinyproxy/tinyproxy-updates.conf
  10. # config: /etc/sysconfig/tinyproxy-updates
  11. # pidfile: /var/run/tinyproxy/tinyproxy-updates.pid
  12. #
  13. # Note: pidfile is created by tinyproxy in its config
  14. # see PidFile in the configuration file.
  15. # Source function library.
  16. . /etc/rc.d/init.d/functions
  17. # Source Qubes library.
  18. . /usr/lib/qubes/init/functions
  19. # Source networking configuration.
  20. . /etc/sysconfig/network
  21. # Check that networking is up.
  22. [ "$NETWORKING" = "no" ] && exit 0
  23. exec="/usr/sbin/tinyproxy"
  24. prog=$(basename $exec)
  25. config="/etc/tinyproxy/tinyproxy-updates.conf"
  26. pidfile="/var/run/tinyproxy-updates/tinyproxy.pid"
  27. [ -e /etc/sysconfig/tinyproxy-updates ] && . /etc/sysconfig/tinyproxy-updates
  28. lockfile=/var/lock/subsys/tinyproxy-updates
  29. start() {
  30. have_qubesdb || return
  31. if qsvc qubes-updates-proxy ; then
  32. # Yum proxy disabled
  33. exit 0
  34. fi
  35. [ -x $exec ] || exit 5
  36. [ -f $config ] || exit 6
  37. # setup network redirection
  38. /sbin/iptables -I INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
  39. /sbin/iptables -t nat -A PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
  40. echo -n $"Starting $prog (as Qubes updates proxy): "
  41. daemon $exec -c $config
  42. retval=$?
  43. echo
  44. [ $retval -eq 0 ] && touch $lockfile
  45. return $retval
  46. }
  47. stop() {
  48. echo -n $"Stopping $prog: "
  49. killproc -p $pidfile "$prog"
  50. retval=$?
  51. echo
  52. /sbin/iptables -t nat -D PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
  53. /sbin/iptables -D INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
  54. [ $retval -eq 0 ] && rm -f "$lockfile"
  55. return $retval
  56. }
  57. restart() {
  58. stop
  59. start
  60. }
  61. reload() {
  62. echo -n $"Reloading $prog: "
  63. killproc -p $pidfile "$prog" -HUP
  64. echo
  65. }
  66. force_reload() {
  67. restart
  68. }
  69. rh_status() {
  70. status "$prog"
  71. }
  72. rh_status_q() {
  73. rh_status >/dev/null 2>&1
  74. }
  75. case "$1" in
  76. start)
  77. rh_status_q && exit 0
  78. $1
  79. ;;
  80. stop)
  81. rh_status_q || exit 0
  82. $1
  83. ;;
  84. restart)
  85. $1
  86. ;;
  87. reload)
  88. rh_status_q || exit 7
  89. $1
  90. ;;
  91. force-reload)
  92. force_reload
  93. ;;
  94. status)
  95. rh_status
  96. ;;
  97. condrestart|try-restart)
  98. rh_status_q || exit 0
  99. restart
  100. ;;
  101. *)
  102. echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
  103. exit 2
  104. esac
  105. exit $?