#!/bin/bash
#
# krb5kdc      Start and stop the Kerberos 5 servers.
#
# description: Kerberos 5 is a trusted third-party authentication system.  \
#	       This script starts and stops the server that Kerberos 5 \
#	       clients need to connect to in order to obtain credentials.
#
# processname: krb5kdc
#
# config: /etc/sysconfig/krb5kdc
#
# October 11, 2012, Michael Perzl (michael@perzl.org)
#


NAME=krb5kdc
PROG=${NAME}

PROG_BIN=/opt/freeware/sbin/${PROG}

PIDFILE=/var/run/${NAME}/${PROG}.pid


# define some generic commands
AWK=/usr/bin/awk
CAT=/usr/bin/cat
ECHO=/usr/bin/echo
GREP=/usr/bin/grep
KILL=/usr/bin/kill
MKDIR=/usr/bin/mkdir
PRINTF=/usr/bin/printf
PS=/usr/bin/ps
RM=/usr/bin/rm
SLEEP=/usr/bin/sleep


# check for missing binaries (stale symlinks should not happen)
test -x ${PROG_BIN} ||
    {
      $ECHO "${PROG_BIN} not installed"
      if [ "$1" = "stop" ] ; then
          exit 0
      else
          exit 5
      fi
    }


# source config
if [ -r /etc/sysconfig/${NAME} ] ; then
    . /etc/sysconfig/${NAME}
fi


case "$1" in
    start)
        if [ -r ${PIDFILE} ]; then
            pid=`$CAT ${PIDFILE}`
            if [ "`$PS -ef | $GREP -v grep | $GREP ${PROG} | $GREP ${pid} | $AWK '{ print $2 }' | $GREP ${pid}`" = "${pid}" ] ; then
                $ECHO "Kerberos 5 KDC daemon is already running with PID ${pid}."
                exit 1
            else
                $RM -f ${PIDFILE}
            fi
        fi

        $PRINTF "Starting Kerberos 5 KDC daemon... "
        ## start daemon and write PID to file ${PIDFILE}
        $MKDIR -p /var/run/${NAME}
        ${PROG_BIN} -r ${KRB5REALM} -P ${PIDFILE} ${KRB5KDC_ARGS}
        $ECHO "done."
        ;;
    stop)
        $PRINTF "Stopping Kerberos 5 KDC daemon... "
        ## stop daemon
        if [ -r ${PIDFILE} ]; then
            $KILL -TERM `$CAT ${PIDFILE}`
            $RM -f ${PIDFILE}
        fi
        $ECHO "done."
        ;;
    status)
        if [ -r ${PIDFILE} ]; then
            pid=`$CAT ${PIDFILE}`
            if [ "`$PS -ef | $GREP -v grep | $GREP ${PROG} | $GREP ${pid} | $AWK '{ print $2 }' | $GREP ${pid}`" = "${pid}" ] ; then
                $ECHO "Kerberos 5 KDC daemon is running with PID ${pid}."
            else
                $ECHO "Kerberos 5 KDC daemon is not running."
            fi
        else
            $ECHO "Kerberos 5 KDC daemon is not running."
        fi
        ;;
    condrestart)
        if [ -r ${PIDFILE} ]; then
            pid=`$CAT ${PIDFILE}`
            if [ "`$PS -ef | $GREP -v grep | $GREP ${PROG} | $GREP ${pid} | $AWK '{ print $2 }' | $GREP ${pid}`" = "${pid}" ] ; then
                $0 stop
	        $ECHO "Sleeping for 2 seconds for graceful krb5kdc shutdown ..."
                $SLEEP 2
                $0 start
            fi
        fi
        ;;
    restart)
	## stop the service and regardless of whether it was
	## running or not, start it again.
	$0 stop
	$ECHO "Sleeping for 2 seconds for graceful krb5kdc shutdown ..."
	$SLEEP 2
	$0 start
	;;
    reload)
        $PRINTF "Reopening Kerberos 5 KDC log file... "
        if [ -r ${PIDFILE} ]; then
            $KILL -HUP `$CAT ${PIDFILE}`
        fi
        $ECHO "done."
        ;;
    *)
	$ECHO "Usage: $0 {start|stop|status|condrestart|restart|reload}"
	exit 1
	;;
esac

