/etc/init.d/shibd is in libapache2-mod-shib2 2.4.3+dfsg-2ubuntu1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 | #! /bin/sh
### BEGIN INIT INFO
# Provides: shibd
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop:
# Short-Description: Shibboleth 2 Service Provider Daemon
# Description: Starts the separate daemon used by the Shibboleth
# Apache module to manage sessions and to retrieve
# attributes from Shibboleth Identity Providers.
### END INIT INFO
#
# Written by Quanah Gibson-Mount <quanah@stanford.edu>
# Modified by Lukas Haemmerle <lukas.haemmerle@switch.ch> for Shibboleth 2
# Based on the dh-make template written by:
#
# Written by Miquel van Smoorenburg <miquels@cistron.nl>.
# Modified for Debian
# by Ian Murdock <imurdock@gnu.ai.mit.edu>.
PATH=/sbin:/bin:/usr/sbin:/usr/bin
DESC="Shibboleth 2 daemon"
NAME=shibd
SHIB_HOME=/usr
SHIBSP_CONFIG=/etc/shibboleth/shibboleth2.xml
LD_LIBRARY_PATH=/usr/lib
DAEMON=/usr/sbin/$NAME
SCRIPTNAME=/etc/init.d/$NAME
PIDFILE=/var/run/shibboleth/$NAME.pid
DAEMON_OPTS=""
DAEMON_USER=_shibd
# Force removal of socket
DAEMON_OPTS="$DAEMON_OPTS -f"
# Use defined configuration file
DAEMON_OPTS="$DAEMON_OPTS -c $SHIBSP_CONFIG"
# Specify pid file to use
DAEMON_OPTS="$DAEMON_OPTS -p $PIDFILE"
# Specify wait time to use
DAEMON_OPTS="$DAEMON_OPTS -w 30"
# Exit if the package is not installed.
[ -x "$DAEMON" ] || exit 0
# Read configuration if it is present.
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Get the setting of VERBOSE and other rcS variables.
[ -f /etc/default/rcS ] && . /etc/default/rcS
prepare_environment () {
# Ensure /var/run/shibboleth exists. /var/run may be on a tmpfs file system.
[ -d '/var/run/shibboleth' ] || mkdir -p '/var/run/shibboleth'
# If $DAEMON_USER is set, try to run shibd as that user. However,
# versions of the Debian package prior to 2.3+dfsg-1 ran shibd as root,
# and the local administrator may not have made the server's private key
# readable by $DAEMON_USER. We therefore test first by running shibd -t
# and looking for the error code indicating that the private key could not
# be read. If we get that error, we fall back on running shibd as root.
if [ -n "$DAEMON_USER" ]; then
DIAG=$(su -s $DAEMON $DAEMON_USER -- -t $DAEMON_OPTS 2>/dev/null)
if [ $? = 0 ] ; then
# openssl errstr 200100D (hex for 33558541) says:
# error:0200100D:system library:fopen:Permission denied
ERROR='ERROR OpenSSL : error code: 33558541 '
if echo "$DIAG" | fgrep -q "$ERROR" ; then
unset DAEMON_USER
echo "$NAME warning: file permissions require running as root"
else
chown -Rh "$DAEMON_USER" '/var/run/shibboleth' '/var/log/shibboleth'
fi
else
unset DAEMON_USER
echo "$NAME error: unable to run config check as user $DAEMON_USER"
fi
unset DIAG
fi
}
case "$1" in
start)
prepare_environment
# Don't start shibd if NO_START is set.
if [ "$NO_START" = 1 ] ; then
echo "Not starting $DESC (see /etc/default/$NAME)"
exit 0
fi
echo -n "Starting $DESC: "
start-stop-daemon --start --quiet ${DAEMON_USER:+--chuid $DAEMON_USER} \
--pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
--exec $DAEMON
echo "$NAME."
;;
restart|force-reload)
prepare_environment
echo -n "Restarting $DESC: "
start-stop-daemon --stop --quiet --pidfile $PIDFILE \
--retry TERM/30/KILL/5 --exec $DAEMON
start-stop-daemon --start --quiet ${DAEMON_USER:+--chuid $DAEMON_USER} \
--pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
echo "$NAME."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0
|