#!/bin/bash

# globus-gatekeeper

#

# chkconfig: - 20 80

# description: Authorize and execute a grid service

### BEGIN INIT INFO

# Provides:          globus-gatekeeper

# Required-Start:    $remote_fs $network $time

# Required-Stop:     $remote_fs $network

# Default-Stop:      0 1 2 3 4 5 6

# Short-Description: Globus Gatekeeper

# Description:       The Globus Gatekeeper service authenticates network

#                    connections using an SSL-based protocol and then

#                    starts service instances on the remote user's behalf.

#                    It is part of the Globus Toolkit(tm)

### END INIT INFO

# Copyright 1999-2010 University of Chicago

# 

# Licensed under the Apache License, Version 2.0 (the "License");

# you may not use this file except in compliance with the License.

# You may obtain a copy of the License at

# 

# http://www.apache.org/licenses/LICENSE-2.0

# 

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

# See the License for the specific language governing permissions and

# limitations under the License.

progname=globus-gatekeeper

prog=/usr/sbin/${progname}

if [ -r /etc/sysconfig/globus-gatekeeper ] ; then

    . /etc/sysconfig/globus-gatekeeper

fi

test -f ${prog} || exit 0

lockfile=/run/lock/subsys/${progname}

GLOBUS_GATEKEEPER_PIDFILE="${GLOBUS_GATEKEEPER_PIDFILE:-/run/${progname}.pid}"

GLOBUS_GATEKEEPER_PORT="${GLOBUS_GATEKEEPER_PORT:-2119}"

start() {

    status > /dev/null

    rc=$?

    if [ $rc -eq 0 ]; then

        echo "$progname is already running"

        return 0

    fi

    cert="${GLOBUS_GATEKEEPER_CERT_FILE:-/etc/grid-security/hostcert.pem}"

    if [ ! -f $cert ]; then

        echo "Error: Gatekeeper's certificate file ($cert) is missing."

        echo "Failed to start globus-gatekeeper"

        exit 6

    fi

    key="${GLOBUS_GATEKEEPER_KEY_FILE:-/etc/grid-security/hostkey.pem}"

    if [ ! -f $key ]; then

        echo "Error: Gatekeeper's private key file is ($key) is missing."

        echo "Failed to start globus-gatekeeper"

        exit 6

    fi

    if [ "${GLOBUS_GATEKEEPER_KERBEROS_ENABLED:-false}" = "true" ]; then

        kflag="-k"

    else

        kflag=""

    fi

    ${GLOBUS_GATEKEEPER_NICE_LEVEL:+nice -n "${GLOBUS_GATEKEEPER_NICE_LEVEL}"} \

    ${prog} \

        -pidfile "${GLOBUS_GATEKEEPER_PIDFILE}" \

        ${GLOBUS_GATEKEEPER_LOG_FACILITY:+-lf "$GLOBUS_GATEKEEPER_LOG_FACILITY"} \

        ${GLOBUS_GATEKEEPER_PORT:+-p "${GLOBUS_GATEKEEPER_PORT}"} \

        ${GLOBUS_GATEKEEPER_LOG:+-l "${GLOBUS_GATEKEEPER_LOG}"} \

        ${GLOBUS_GATEKEEPER_GRID_SERVICES:+-grid_services "${GLOBUS_GATEKEEPER_GRID_SERVICES}"} \

        ${GLOBUS_GATEKEEPER_GRIDMAP:+-gridmap "${GLOBUS_GATEKEEPER_GRIDMAP}"} \

        ${GLOBUS_GATEKEEPER_CERT_DIR:+-x509_cert_dir "${GLOBUS_GATEKEEPER_CERT_DIR}"} \

        ${GLOBUS_GATEKEEPER_CERT_FILE:+-x509_user_cert "${GLOBUS_GATEKEEPER_CERT_FILE}"} \

        ${GLOBUS_GATEKEEPER_KEY_FILE:+-x509_user_key "${GLOBUS_GATEKEEPER_KEY_FILE}"} \

        $kflag \

        ${GLOBUS_GATEKEEPER_KMAP:+-globuskmap "${GLOBUS_GATEKEEPER_KMAP}"} \

        > /dev/null

    rc=$?

    if [ "$rc" = 0 ]; then

        echo "Started globus-gatekeeper"

        touch "$lockfile"

    else

        echo "Failed to start globus-gatekeeper"

    fi

    return $rc;

}

stop() {

    if test -f "${GLOBUS_GATEKEEPER_PIDFILE}"; then

        read pid < "${GLOBUS_GATEKEEPER_PIDFILE}" 2> /dev/null

        if [ "$pid" -gt 0 ] 2> /dev/null; then

            if kill -0 "${pid}" 2> /dev/null; then

                kill -TERM "${pid}"

                if sleep 1 && kill -0 "${pid}" 2> /dev/null && sleep 3 && kill -0 "${pid}" 2> /dev/null;then

                    kill -KILL "${pid}"

                fi

                if kill -0 "${pid}" 2> /dev/null; then

                    echo "Failed to stop globus-gatekeeper"

                    return 1

                else

                    echo "Stopped globus-gatekeeper"

                fi

            fi

        fi

        rm -f "${GLOBUS_GATEKEEPER_PIDFILE}"

        rm -f "$lockfile"

    else

        echo "$progname is not running"

        return 0

    fi

}

restart() {

    stop

    start

}

status() {

    if test -f "${GLOBUS_GATEKEEPER_PIDFILE}"; then

        read pid <"${GLOBUS_GATEKEEPER_PIDFILE}" 2>/dev/null

        if [ "$pid" -gt 0 ] 2> /dev/null; then

            if ps -p "$pid" > /dev/null; then

                echo "globus-gatekeeper is running (pid=$pid)"

                return 0

            else

                echo "Stale PID file for globus-gatekeeper"

                return 1

            fi

        fi

    elif test -f "${lockfile}"; then

        echo "Stale lock file for globus-gatekeeper"

        return 2

    else

        echo "globus-gatekeeper is not running"

        return 3

    fi

}

case "$1" in

    start)

        start

        ;;

    stop)

        stop

        ;;

    restart)

        restart

        ;;

    reload)

        exit 0

        ;;

    force-reload)

        restart

        ;;

    status)

        status

        ;;

    condrestart|try-restart)

        status || exit 0

        restart

        ;;

    *)

        echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"

        exit 2

esac