#!/bin/sh

# PROVIDE: sec
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Sample SEC startup script for FreeBSD (contributed by Jo Rhett)
#
# Add the following lines to /etc/rc.conf to enable sec:
# sec_enable (bool):   Set to "NO" by default.
#                      Set it to "YES" to enable sec.
#
# These parameters control the first (or only) instance of sec 
# sec_flags (str):      Set to "" by default.
# sec_configfile (str): Set to "%%PREFIX%%/etc/sec.conf" by default.
#
# To handle multiple instances you can also define
# sec_instances="main auth" (list): define the instances (any string) which should be started/stopped
# sec_instance_main_flags (str): define the invocation options for the first instance
# sec_instance_main_configfile (str): define the config file for the first instance
# sec_instance_auth_flags (str): define the invocation options for the second instance
# sec_instance_auth_configfile (str): define the config file for the second instance
#   ...etc
#

. /etc/rc.subr

name="sec"
rcvar=sec_enable

command="%%PREFIX%%/bin/sec"
command_args="-detach"
command_interpreter="%%PERL%%"
extra_commands="reload"
pidfile="/var/run/sec/sec.pid"

start_precmd="sec_precmd"
reload_precmd="sec_checkconfig"
restart_precmd="sec_checkconfig"
sig_reload=HUP

load_rc_config "${name}"
[ -z "${sec_enable}" ]       && sec_enable="NO"
[ -z "${sec_flags}" ]        && sec_flags="-log=/var/log/sec.log"
[ -z "${sec_configfile}" ]   && sec_configfile="%%PREFIX%%/etc/sec.conf"

sec_precmd() {
  dn=`dirname ${pidfile}`
  if [ ! -d ${dn} ]; then
    mkdir -p ${dn}
    if [ -n $sec_user ]; then
	/usr/sbin/chown ${sec_user} ${dn}
    fi
  fi
  sec_checkconfig
}

sec_checkconfig() {
  if [ -z $instance ]
  then
    echo -n "Performing sanity check of sec configuration: "
  else
    echo -n "Performing sanity check of sec_${instance} configuration: "
  fi
  ${command} -debug=1 -testonly -conf=${sec_configfile} 2>&1 >/dev/null
  if [ $? != 0 ]; then
    echo "FAILED"
    ${command} -testonly -conf=${sec_configfile}
    return 1
  else
    echo "OK"
  fi
}

required_files="${sec_configfile}"
sec_flags="-conf=${sec_configfile} -pid=${pidfile} ${sec_flags}"

run_rc_command "$1"

# Are we handling multiple instances?
if [ ! -z "${sec_instances}" ]
then
	for instance in $sec_instances
	do
                # Iterate through all instances
                name="sec_${instance}"
                pidfile="/var/run/sec/sec_${instance}.pid"
                eval required_files=\$sec_${instance}_configfile
                eval sec_${instance}_flags="\"-conf=\$sec_${instance}_configfile -pid=\$pidfile \$sec_${instance}_flags\""

		run_rc_command "$1"
	done
fi