#!/bin/sh
### BEGIN INIT INFO
# Provides: glite-px-proxyrenewal
# Required-Start: $remote_fs $network $syslog
# Required-Stop: $remote_fs $network $syslog
# Default-Start:
# Default-Stop:
# Description: Proxyrenewal deamon
# Short-Description: Proxyrenewal deamon
### END INIT INFO
# chkconfig: - 75 25
#
# Copyright (c) Members of the EGEE Collaboration. 2004-2010.
# See http://www.eu-egee.org/partners/ for details on the copyright
# holders.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

[ -f /etc/profile.d/grid-env.sh ] && . /etc/profile.d/grid-env.sh
[ -f /etc/sysconfig/glite-px ] && . /etc/sysconfig/glite-px

GLITE_LOCATION=${GLITE_LOCATION:-'/usr'}
GLITE_LOCATION_ETC=${GLITE_LOCATION_ETC:-'/etc'}
GLITE_PX_LOCATION_VAR=${GLITE_PX_LOCATION_VAR:-'/var/glite'}
GLITE_USER=${GLITE_USER:-'glite'}
GLITE_HOME=`getent passwd ${GLITE_USER} | cut -d: -f6`
GLITE_HOST_CERT=${GLITE_HOST_CERT:-"$GLITE_HOME/.certs/hostcert.pem"}
GLITE_HOST_KEY=${GLITE_HOST_KEY:-"$GLITE_HOME/.certs/hostkey.pem"}

PROXY_REPOSITORY="$GLITE_PX_LOCATION_VAR/spool/glite-renewd"

lockfile=/var/lock/subsys/glite-proxy-renewald

unset creds

start()
{
	if test -z "$GLITE_USER" ;then
		echo 'Error: GLITE_USER is not set'
		echo FAILED
		return 1
	fi

	[ -n "$GLITE_HOST_CERT" -a -n "$GLITE_HOST_KEY" ] &&
		creds="-t $GLITE_HOST_CERT -k $GLITE_HOST_KEY"

	if test -z "$creds"; then
		if su - $GLITE_USER -c "test -r /etc/grid-security/hostkey.pem -a -r /etc/grid-security/hostcert.pem"; then
			echo "$0: WARNING: /etc/grid-security/hostkey.pem readable by $GLITE_USER"
			creds="-t /etc/grid-security/hostcert.pem -k /etc/grid-security/hostkey.pem"
		fi
	fi

	[ -z "$creds" ] &&
		echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2

	# workaround for VOMS_FindByVO that seems to always require user's own VOMS config file (bug #7511)
	user_voms_config=$HOME/.glite/vomses
	if [ ! -f "$user_voms_config" ]; then
		rm -f /tmp/renewal_vomses
		su - $GLITE_USER -c "touch /tmp/renewal_vomses && chmod 644 /tmp/renewal_vomses"
		user_voms_config=/tmp/renewal_vomses
	fi

	echo -n Starting ProxyRenewal Daemon: glite-proxy-renewd ...

	if [ ! -d "$PROXY_REPOSITORY" ]; then
		mkdir -p $PROXY_REPOSITORY || exit 1
		chown $GLITE_USER $PROXY_REPOSITORY
		chmod 0700 $PROXY_REPOSITORY
	fi
	
	su - $GLITE_USER -c "VOMS_USERCONF=$user_voms_config \
		$GLITE_LOCATION/bin/glite-proxy-renewd \
		-r $PROXY_REPOSITORY $creds -A $GLITE_PROXY_RENEWD_OPTIONS"

	if [ $? -eq 0 ]; then
		echo " done"
		touch $lockfile
	else
		echo " FAILED"
	fi
}

stop()
{
	echo -n "Stopping ProxyRenewal Daemon: glite-proxy-renewd ..."
	su - $GLITE_USER -c 'killall glite-proxy-renewd'
	try=0
	while su - $GLITE_USER -c 'killall -0 glite-proxy-renewd' >/dev/null 2>&1; do
		sleep 1
		try=`expr $try + 1`
		if [ $try = 10 ]; then
			echo " force quit after $try seconds"
			su - $GLITE_USER -c 'killall -9 glite-proxy-renewd'
			return 1
		fi
	done
	echo " done"
}

status()
{
	if netstat -an --unix | grep "^unix .* LISTEN.* /tmp/dgpr_renew_" >/dev/null 2>&1 ;then
		echo glite-proxy-renewd running
	else
		echo glite-proxy-renewd not running
		return 1
	fi
}

case x$1 in
	xstart) start;;
	xstop)  stop;;
	xrestart|xforce-reload) stop; start;;
	xstatus) status;;
	xcondrestart|xtry-restart)
		status >/dev/null 2>&1 || exit 0
		stop; start
		;;
	x*)	echo usage: $0 start,stop,restart,status >&2
		exit 1;;
esac
