#!/bin/bash
#
# krb5kdc      Start and stop the Kerberos 5 servers.
#
# chkconfig:   - 35 65
# description: Kerberos 5 is a trusted third-party authentication system.  \
#	       This script starts and stops the server that Kerberos 5 \
#	       clients need to connect to in order to obtain credentials.
# processname: krb5kdc
# config: /etc/default/krb5kdc
# pidfile: /var/run/krb5kdc.pid
#

### BEGIN INIT INFO
# Provides: krb5kdc
# Required-Start: $local_fs $network
# Required-Stop: $local_fs $network
# Should-Start: portreserve
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: start and stop the Kerberos 5 KDC
# Description: The krb5kdc is the Kerberos 5 key distribution center, which \
#              issues credentials to Kerberos 5 clients.
### END INIT INFO

# Get config.
unset KRB5KDC_ARGS
[ -r /etc/default/krb5kdc ] && . /etc/default/krb5kdc

prog="Kerberos 5 KDC"
krb5kdc="/usr/sbin/krb5kdc"
lockfile=/var/lock/subsys/krb5kdc
pidfile=/var/run/krb5kdc.pid
PATH=/usr/lib64/krb5:/usr/lib/krb5:"${PATH}"

RETVAL=0

PID=$(/sbin/pidof -o %PPID ${krb5kdc})

# Shell functions to cut down on useless shell instances.
start() {
  [ -x ${krb5kdc} ] || exit 5

  echo -n "Starting ${prog}: "

  if [ -z "${PID}" ] ;then 
    ${krb5kdc} ${KRB5REALM:+-r ${KRB5REALM}} -P ${pidfile} ${KRB5KDC_ARGS} 2>/dev/null
    RETVAL=$?
  else
    RETVAL=1
  fi
  if test ${RETVAL} -ne 0 ; then
    if /sbin/pidof -o %PPID ${krb5kdc} > /dev/null ; then
      RETVAL=0
    fi
  fi
  if [ ${RETVAL} -eq 0 ] && touch ${lockfile} ; then
    echo -e "\t\t\t\t\t[  OK  ]\r"
  else
    echo -e "\t\t\t\t\t[FAILED]\r"
  fi
  return ${RETVAL}
}

stop() {
  echo -n "Stopping ${prog}: "
  if [ -n "${PID}" ] ;then
    kill ${PID} &>/dev/null
    RETVAL=$?
  else
    RETVAL=1
  fi
  if [ ${RETVAL} -eq 0 ] && rm -f ${lockfile} ; then
    echo -e "\t\t\t\t\t[  OK  ]\r"
  else
    echo -e "\t\t\t\t\t[FAILED]\r"
  fi
  return ${RETVAL}
}

reload(){
  echo -n "Reopening ${prog} log file: "
  if [ -n "${PID}" ] ;then
    kill ${PID} -HUP
    RETVAL=$?
  else
    RETVAL=1
  fi
  if [ ${RETVAL} -eq 0 ] ; then
    echo -e "\t\t\t\t[  OK  ]\r"
  else
    echo -e "\t\t\t\t[FAILED]\r"
  fi
  return ${RETVAL}
}

restart(){
  stop
  unset PID
  sleep 1
  start
}

status() {
  if [ -n "${PID}" ] ;then
    echo "${krb5kdc} is running in pid ${PID}."
  else
    echo "${krb5kdc} is not running."
    RETVAL=3
  fi
  return ${RETVAL}
}

condrestart(){
  [ -e ${lockfile} ] && restart
  return 0
}

# See how we were called.
case "$1" in
  start|stop|restart|reload|status|condrestart)
    $1
    ;;
  *)
  echo "Usage: $0 {start|stop|restart|reload|status|condrestart}"
  RETVAL=2
  ;;
esac

exit ${RETVAL}