#!/bin/sh
#
# Copyright (C) 2005-2008 Red Hat, Inc.
#
# This program is Free Software.  You may modify and/or redistribute it under
# the terms of the GNU General Public License version 2.
#
# description:  Starts and stops Red Hat Cluster and Storage Remote \
#               Configuration Interface (ricci)
# chkconfig: 2345 99 01
#

# Source function library
. /etc/init.d/functions

# Grab the network config file
. /etc/sysconfig/network

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

ID="ricci"
RICCID="ricci"
PIDFILE="/var/run/ricci.pid"
LOCKFILE="/var/lock/subsys/ricci"
RUNASUSER="ricci"

SSL_PUBKEY="/var/lib/ricci/certs/cacert.pem"
SSL_PRIVKEY="/var/lib/ricci/certs/privkey.pem"

#
# Only root wants to run this...
#
[ `id -u` = 0 ] || exit 4

#
# If we're not configured, then don't start anything.
#
[ "${NETWORKING}" = "yes" ] || exit 1

ssl_certs_ok()
{
	if [ ! -f "$SSL_PRIVKEY" ] ; then
		return 1
	fi
	if [ ! -f "$SSL_PUBKEY" ] ; then
		return 2
	fi
	return 0
}

generate_ssl_certs()
{
	rm -f "$SSL_PUBKEY" "$SSL_PRIVKEY"
	echo -n "generating SSL certificates...  "
	/usr/bin/openssl genrsa -out "$SSL_PRIVKEY" 2048 >&/dev/null
	/usr/bin/openssl req -new -x509 -key "$SSL_PRIVKEY" -out "$SSL_PUBKEY" -days 1825 -config /var/lib/ricci/certs/cacert.config
	/bin/chown $RUNASUSER:$RUNASUSER "$SSL_PRIVKEY" "$SSL_PUBKEY"
	/bin/chmod 644 "$SSL_PUBKEY"
	/bin/chmod 600 "$SSL_PRIVKEY"
	ret=$?
	echo "done"
	return $ret
}


case $1 in
	start)
		service messagebus status >&/dev/null
		if [ $? -ne 0 ]; then
			service messagebus start
			service messagebus status >&/dev/null
			if [ $? -ne 0 ]; then
				echo "not starting ricci..."
				/usr/bin/logger -t $RICCID "startup failed"
				exit 1
			fi
		fi
		service oddjobd status >&/dev/null
		if [ $? -ne 0 ]; then
			service oddjobd start
			service oddjobd status >&/dev/null
			if [ $? -ne 0 ]; then
				echo "not starting ricci..."
				/usr/bin/logger -t $RICCID "startup failed"
				exit 1
			fi
		fi

		service saslauthd start >&/dev/null
		ssl_certs_ok
		if [ "1$?" != "10" ] ; then
			generate_ssl_certs
		fi

		NewUID=`grep "^$RUNASUSER:" /etc/passwd | sed -e 's/^[^:]*:[^:]*://' -e 's/:.*//'`
		echo -n $"Starting $ID: "
		daemon $RICCID -u $NewUID
		rtrn=$?
		echo

		if [ $rtrn -eq 0 ]; then
			touch "$LOCKFILE"
			/usr/bin/logger -t $RICCID "startup succeeded"
		else
			/usr/bin/logger -t $RICCID "startup failed"
		fi
	;;

	restart)
		$0 stop
		$0 start
		rtrn=$?
	;;

	status)
		status $RICCID
		rtrn=$?
	;;

	stop)
		echo -n "Shutting down $ID: "
		killproc $RICCID SIGTERM
		rtrn=$?
		if [ $rtrn -eq 0 ]; then
			sleep 8
			rm -f $PIDFILE
			rm -f $LOCKFILE
			/usr/bin/logger -t $RICCID "shutdown succeeded"
			rtrn=0
		else
			/usr/bin/logger -t $RICCID "shutdown failed"
			rtrn=1
		fi
		echo
	;;

	condrestart)
		if [ -f ${PIDFILE} ] ; then
			$0 restart
			rtrn=$?
		fi
	;;

	reload)
		rtrn=3
	;;

	*)
		echo "Usage: $0 {start|stop|status|restart|condrestart|reload}"
		rtrn=3
	;;
esac

exit $rtrn
