#!/bin/sh
#
# krb5kdc	Kerberos V5 KDC server
#
# chkconfig:	35 41 41
#
# description:	krb5kdc is a server that Kerberos IV and V5 clients \
#		need to connect to in order to obtain credentials
#
# processname: krb5kdc

# Source function library
. /etc/rc.d/init.d/functions

# Get network config
. /etc/sysconfig/network

KERBEROS_V4_MODE="none"
KERBEROS_DATABASE=/var/lib/kerberos/krb5kdc/principal

# Get service config - may override defaults
[ -f /etc/sysconfig/kerberos ] && . /etc/sysconfig/kerberos

# Check that networking is up.
if is_yes "${NETWORKING}"; then
        if [ ! -f /var/lock/subsys/network ]; then
                msg_network_down "Kerberos V5 KDC"
                exit 1
        fi
else
        exit 0
fi


# See how we were called.
case "$1" in
  start)
        if [ ! -f "${KERBEROS_DATABASE}" ] ; then
	    # It MAY be in LDAP
	    if ! grep -q 'db_library.*=.*kldap' /etc/krb5.conf ; then
	    	cat << END_OF_MSG
Kerberos database could not be found in ${KERBEROS_DATABASE}!
You have to create Kerberos database prior to running KDC server.
This can be done with:
kdb5_util create -r <kerberos_realm> -s -d ${KERBEROS_DATABASE}

See kdb5_util(8) for more information.
END_OF_MSG
		exit 1
	    fi
        fi

        # Check if the service is already running?
        if [ ! -f /var/lock/subsys/krb5kdc ]; then
                msg_starting "Kerberos V5 KDC"
                daemon krb5kdc -4 ${KERBEROS_V4_MODE} ${KERBEROS_REALM:+-r ${KERBEROS_REALM}} -d ${KERBEROS_DATABASE} $KRB5KDC_ARGS
                RETVAL=$?
                [ $RETVAL -eq 0 ] && touch /var/lock/subsys/krb5kdc
        else
                msg_already_running "Kerberos V5 KDC"
        fi
        ;;
  stop)
        if [ -f /var/lock/subsys/krb5kdc ]; then
                msg_stopping "Kerberos V5 KDC"
                killproc krb5kdc
                rm -f /var/lock/subsys/krb5kdc
        else
                msg_not_running "Kerberos V5 KDC"
        fi
        ;;
  restart)
        $0 stop
        $0 start
        exit $?
        ;;
  reload)
        if [ -f /var/lock/subsys/krb5kdc ]; then
                msg_reloading "Kerberos V5 KDC"
                killproc krb5kdc -HUP
                RETVAL=$?
        else
                msg_not_running "Kerberos V5 KDC" >&2
                RETVAL=7
        fi
        ;;
  status)
        status krb5kdc
        RETVAL=$?
        ;;
  *)
        msg_usage "$0 {start|stop|restart|reload|status}"
        exit 3
esac

exit $RETVAL

# This must be last line !
# vi:syntax=sh:tw=78:ts=8:sw=4
