Le 13/10/2014 21:21, Andrei POPESCU a écrit :
> On Lu, 13 oct 14, 12:16:25, Erwan David wrote:
>> That's a server, and the daemons & mount must survive logout.
>
> Your ~/.profile could contain commands like
>
> sudo service my-daemon start
>
> (used 'service' on purpose, since it will work with both sysv-rc and
> systemd)
>
> How about that policy-rc.d I asked for?
>
> Kind regards,
> Andrei
Here it is
#!/bin/sh
# /usr/sbin/policy-rc.d [options] <initscript ID> <actions> [<runlevel>]
# /usr/sbin/policy-rc.d [options] --list <initscript ID> [<runlevel> ...]
# See /usr/share/doc/sysv-rc/README.policy-rc.d for documentation.
# Live example scraped from ps:
# /bin/sh /usr/sbin/policy-rc.d x11-common stop unknown
###
if [ ! -r /etc/secure_services ]; then
# No secure service -> Ok for everything
exit 0
fi
##
# Defines the secure mount point and the services which must be started
after
. /etc/secure_services
do_check(){
for test in $SECURE_SERVICES;do
if [ $1 = $test ];then
case $2 in
*start*)
if mountpoint -q $SECURE_MOUNTPOINT; then
exit 0
else
exit 101
fi;;
*rotate*)
if mountpoint -q $SECURE_MOUNTPOINT; then
exit 0
else
exit 101
fi;;
*)
exit 0
esac
fi
done
exit 0
}
if [ "X$SECURE_MOUNTPOINT" = "X" -o "X$SECURE_SERVICES" = "X" ];then
# no secure mount point or no secure service defined -> Ok for
everything
exit 0
fi
while [ $# -gt 0 ]; do
case $1 in
--list) exit 101 ;;
--quiet) shift ;;
-*) shift ;;
*) service=$1
actions=$2
do_check $service $actions
esac
done
###
# default
exit 101
And /etc/secure_services is
#####
# Mount point of encrypted file system
SECURE_MOUNTPOINT=/secure
####
# Services which need the encrypted file system
# space separated, they will be started in the order of the variable
SECURE_SERVICES="postgresql dspam slapd dovecot postfix apache2"
Attachment:
signature.asc
Description: OpenPGP digital signature