mirror of
https://github.com/Icinga/icinga2.git
synced 2026-02-03 20:40:17 -05:00
51ec73cbd9
In contrast to the regular `kill` binary, `icinga2 internal signal` drops permissions before sending the signal. This is important as the PID file can be written by the Icinga user, dropping the permissions prevents that user from using this to send signals to processes it is not supposed to signal. SIGUSR1 wasn't among the list of signals supported by `icinga2 internal signal`, so it is added there.
52 lines
1,007 B
CMake
52 lines
1,007 B
CMake
#!/bin/sh
|
|
|
|
# Load sysconf on systems where the initsystem does not pass the environment
|
|
if [ "$1" != "" ]; then
|
|
if [ -r "$1" ]; then
|
|
. "$1"
|
|
else
|
|
echo "Unable to read sysconf from '$1'. Exiting."
|
|
exit 6
|
|
fi
|
|
fi
|
|
|
|
# Set defaults, to overwrite see "@ICINGA2_SYSCONFIGFILE@"
|
|
|
|
: "${ICINGA2_PID_FILE:="@ICINGA2_FULL_INITRUNDIR@/icinga2.pid"}"
|
|
: "${DAEMON:="@CMAKE_INSTALL_FULL_SBINDIR@/icinga2"}"
|
|
|
|
printf "Validating config files: "
|
|
|
|
OUTPUTFILE=`mktemp`
|
|
|
|
if type selinuxenabled >/dev/null 2>&1; then
|
|
if selinuxenabled; then
|
|
chcon -t icinga2_tmp_t "$OUTPUTFILE" >/dev/null 2>&1
|
|
fi
|
|
fi
|
|
|
|
if ! "$DAEMON" daemon --validate --color > "$OUTPUTFILE"; then
|
|
echo "Failed"
|
|
|
|
cat "$OUTPUTFILE"
|
|
rm -f "$OUTPUTFILE"
|
|
exit 1
|
|
fi
|
|
|
|
echo "Done"
|
|
rm -f "$OUTPUTFILE"
|
|
|
|
printf "Reloading Icinga 2: "
|
|
|
|
if [ ! -e "$ICINGA2_PID_FILE" ]; then
|
|
exit 7
|
|
fi
|
|
|
|
pid=`cat "$ICINGA2_PID_FILE"`
|
|
if ! "$DAEMON" internal signal --sig SIGHUP --pid "$pid" >/dev/null 2>&1; then
|
|
echo "Error: Icinga not running"
|
|
exit 7
|
|
fi
|
|
|
|
echo "Done"
|
|
exit 0
|