fi
}
+# backup_and_disable_service()
+#
+# Backup and disable service with invalid configuration.
+# Arguments: service, services_file
+#
+backup_and_disable_service () {
+
+ local serv servfile out
+ serv="$1"
+ servfile="$2"
+
+ if cp_backup_conffile -r -d $BACKUPDIR -p /etc/xinetd.d/$servfile; then
+ cp_echo "CN: Old /etc/xinetd.d/$servfile saved as $BACKUPDIR/`basename /etc/xinetd.d/$servfile`.bak."
+ fi
+
+ cp_echo "CN: Disabling service '$serv' in configuration file /etc/xinetd.d/$servfile."
+
+ out=`mktemp /etc/xinetd.d/$servfile.tmp.XXXXXX`
+ temp_files="$temp_files $out"
+
+ sed -r "/^[[:space:]]*service[[:space:]]+$serv[[:space:]]*$/,/^}/ s/^(.*)/#\1/" \
+ /etc/xinetd.d/$servfile > $out
+ rm -f /etc/xinetd.d/$servfile
+ mv "$out" "/etc/xinetd.d/$servfile"
+ chmod 644 "/etc/xinetd.d/$servfile"
+}
# Set trap for deleting all temp files.
#
if [ -f "$INETDCONF" ]; then
# Convert inetd.conf to temporary xinetd.conf file using xconv.pl tool
- /usr/sbin/xconv.pl < $INETDCONF > $CONFTMP
+ egrep -v "^#<off>#" $INETDCONF | /usr/sbin/xconv.pl > $CONFTMP || true
fi
# Parse /etc/xinetd.conf file and convert services' configuration to
#
conffile_list="$CONFTMP"
if [ -f "$CONF" ]; then
- if egrep -q "^service[[:space:]]+" "$CONF"; then
+ if egrep -q "^[[:space:]]*service[[:space:]]+" "$CONF"; then
conffile_list="$CONF $conffile_list"
xinetd_conf_did=1
fi
fi
-services_list="`cat $conffile_list | egrep "^service[[:space:]]+" | sed -r 's/service[[:space:]]+//g' | uniq`" || true
+services_list="`sed -nr 's/^[[:space:]]*service[[:space:]]+//p' $conffile_list | uniq`"
if [ -n "$services_list" ]; then
touch /etc/xinetd.d/$service || true
# cat "$CONF" "$CONFTMP" | sed -n "/^service $service/,/^}/p" | cp-update "$PKG" "/etc/xinetd.d/$service"
- cat $conffile_list | sed -rn "/^service[[:space:]]+$service/,/^}/p" >> "/etc/xinetd.d/$service"
+ sed -rn "/^[[:space:]]*service[[:space:]]+$service[[:space:]]*$/,/^}/p" \
+ $conffile_list >> "/etc/xinetd.d/$service"
need_restart=1
done
- if egrep -q "^service[[:space:]]+" "$CONFTMP"; then
+ if egrep -q "^[[:space:]]*service[[:space:]]+" "$CONFTMP"; then
cp_echo "CN: All services were converted from $INETDCONF file to separated"
cp_echo "CN: configuration files located in /etc/xinetd.d/ directory."
fi
# Remove services from /etc/xinetd.conf file
#
-cp_check_and_sed "^service[[:space:]]+" \
- "/^service[[:space:]]/,/^}/d" \
+cp_check_and_sed "^[[:space:]]*service[[:space:]]+" \
+ "/^[[:space:]]*service[[:space:]]/,/^}/d" \
"$CONF" && need_restart=1 || true
# Check if there is no defaults block in /etc/xinetd.conf
need_restart=1
fi
+# Validate services' configuration.
+#
+services_file_list="`ls -1 /etc/xinetd.d/`"
+if [ -n "$services_file_list" ]; then
+
+ for services_file in $services_file_list; do
+
+ # Get services list from $services_file
+ services_list="`sed -rn "s/^[[:space:]]*service[[:space:]]+(.*)[[:space:]]*$/\1/p" /etc/xinetd.d/$services_file`"
+
+ if [ -n "$services_list" ]; then
+
+ for service in $services_list; do
+
+ service_disable=0
+ service_block="`sed -rn "/^[[:space:]]*service[[:space:]]+$service[[:space:]]*$/,/^}/p" /etc/xinetd.d/$services_file`"
+
+ # Check service's user
+ service_user="`echo "$service_block" | sed -nr "s/^[[:space:]]*user[[:space:]]*=[[:space:]]*(.*)[[:space:]]*$/\1/p"`"
+ if [ -n "$service_user" ]; then
+
+ service_user_chk="`getent passwd "$service_user"`" || true
+ if [ -z "$service_user_chk" ]; then
+ cp_echo "CN: Error in /etc/xinetd.d/$services_file for service '$service' - user '$service_user' does not exist."
+ service_disable=1
+ fi
+ fi
+
+ # Check service's group
+ service_group="`echo "$service_block" | sed -nr "s/^[[:space:]]*group[[:space:]]*=[[:space:]]*(.*)[[:space:]]*$/\1/p"`"
+ if [ -n "$service_group" ]; then
+
+ service_group_chk="`getent passwd "$service_group"`" || true
+ if [ -z "$service_group_chk" ]; then
+ cp_echo "CN: Error in /etc/xinetd.d/$services_file for service '$service' - group '$service_group' does not exist."
+ service_disable=1
+ fi
+ fi
+
+ # Check service's binary
+ service_server="`echo "$service_block" | sed -nr "s/^[[:space:]]*server[[:space:]]*=[[:space:]]*(.*)[[:space:]]*$/\1/p"`"
+ if [ -n "$service_server" ] && [ ! -x "$service_server" ]; then
+ cp_echo "CN: Error in /etc/xinetd.d/$services_file for service '$service' - server '$service_server' does not exist."
+ service_disable=1
+ fi
+
+ if [ $service_disable -eq 1 ]; then
+ backup_and_disable_service "$service" "$services_file"
+ need_restart=1
+ fi
+ done
+ fi
+ done
+fi
+
# Remove -inetd_compat option and set INETD_COMPAT to 'No' in /etc/default/xinetd
#
if [ -f "$DEFAULT" ]; then