Use /etc/default/mumble-server for LD_PRELOAD ECDHE
authorSilvio Rhatto <rhatto@riseup.net>
Thu, 7 Nov 2013 12:23:45 +0000 (10:23 -0200)
committerSilvio Rhatto <rhatto@riseup.net>
Thu, 7 Nov 2013 12:23:45 +0000 (10:23 -0200)
files/ecdhforce/mumble-server.Debian [changed mode: 0755->0644]
files/ecdhforce/mumble-server.init.d.Debian [new file with mode: 0755]
manifests/ecdhforce.pp

old mode 100755 (executable)
new mode 100644 (file)
index 61b6808..7c4f707
-#! /bin/sh
-#
-### BEGIN INIT INFO
-# Provides:             mumble-server
-# Required-Start:       $network $local_fs $remote_fs dbus
-# Required-Stop:       $network $local_fs $remote_fs dbus
-# Should-Start:                $mysql
-# Should-Stop:         $mysql
-# Default-Start:        2 3 4 5
-# Default-Stop:         0 1 6
-# Short-Description:    Mumble VoIP Server
-### END INIT INFO
+# 0 = don't start, 1 = start
+MURMUR_DAEMON_START=1
 
-PATH=/sbin:/bin:/usr/sbin:/usr/bin
-NAME=mumble-server
-DESC="Mumble VoIP Server"
-PIDDIR=/var/run/$NAME
-PIDFILE=$PIDDIR/$NAME.pid
-DAEMON=/usr/sbin/murmurd
-USER=mumble-server
-GROUP=mumble-server
-
-test -x $DAEMON || exit 0
-
-INIFILE=/etc/mumble-server.ini
-DAEMON_OPTS="-ini $INIFILE"
-MURMUR_DAEMON_START=0
+# 0 = don't use capabilities, 1 = start process as root and drop to non-privileged user
+# If started as root, mumble will keep the CAP_NET_ADMIN privilege and drop
+# all others. This allows it to set high-priority TOS on outgoing IP packets.
 MURMUR_USE_CAPABILITIES=0
-MURMUR_LIMIT_NOFILE=0
-
-# ECDHE Perfect Forward Secrecy on the Murmur server via an LD_PRELOAD
-# https://github.com/ultramancool/ecdhforce
-STARTSTOP="LD_PRELOAD=/var/lib/mumble-server/ecdhforce/ecdhforce.so start-stop-daemon"
 
-# Include murmur defaults if available
-if [ -f /etc/default/$NAME ] ; then
-       . /etc/default/$NAME
-fi
+# This controls how many file descriptors the murmur process can open.
+# As a rule of thumb, you should have about 20 descriptors per virtaul 
+# server and one for each client. So 30 servers with 20 clients each would
+# need at least 720 descriptors (30 * 4 + 30 * 20).
+# MURMUR_LIMIT_NOFILE=65536
 
-. /lib/init/vars.sh
-. /lib/lsb/init-functions
-
-if [ "$MURMUR_LIMIT_NOFILE" -gt 0 ] ; then
-       ulimit -n $MURMUR_LIMIT_NOFILE
-fi
-
-case "$1" in
-  start)
-       if [ "$MURMUR_DAEMON_START" != "1" ] ; then
-               log_warning_msg "Not starting $DESC $NAME, disabled via /etc/default/$NAME"
-               exit 0
-       fi
-       [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
-       [ -d $PIDDIR ] || install -o $USER -d $PIDDIR
-       if [ "$MURMUR_USE_CAPABILITIES" != "1" ] ; then
-         $STARTSTOP --start --quiet \
-               --pidfile $PIDFILE \
-               --chuid $USER:$GROUP \
-               --exec $DAEMON \
-               -- $DAEMON_OPTS
-       else
-         $STARTSTOP --start --quiet \
-               --pidfile $PIDFILE \
-               --exec $DAEMON \
-               -- $DAEMON_OPTS
-       fi
-       case "$?" in
-               0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-               2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-       esac
-       ;;
-  stop)
-       [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
-       $STARTSTOP --stop --quiet \
-               --retry=TERM/30/KILL/5 \
-               --pidfile $PIDFILE \
-               --user $USER \
-               --exec $DAEMON
-       case "$?" in
-               0|1)    rm -f $PIDFILE
-                       [ "$VERBOSE" != no ] && log_end_msg 0
-                       ;;
-               2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-       esac
-       ;;
-  force-reload)
-       $STARTSTOP --stop --test --quiet \
-               --pidfile $PIDFILE \
-               --user $USER \
-               --exec $DAEMON \
-       && $0 restart || exit 0
-       ;;
-  restart)
-       [ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" "$NAME"
-       $STARTSTOP --stop --quiet \
-               --retry=TERM/30/KILL/5 \
-               --pidfile $PIDFILE \
-               --user $USER \
-               --exec $DAEMON
-       case "$?" in
-               0|1)
-                       [ -d $PIDDIR ] || install -o $USER -d $PIDDIR
-                       rm -f $PIDFILE
-                       if [ "$MURMUR_USE_CAPABILITIES" != "1" ] ; then
-                         $STARTSTOP --start --quiet \
-                               --pidfile $PIDFILE \
-                               --chuid $USER:$GROUP \
-                               --exec $DAEMON \
-                               -- $DAEMON_OPTS
-                       else
-                         $STARTSTOP --start --quiet \
-                               --pidfile $PIDFILE \
-                               --exec $DAEMON \
-                               -- $DAEMON_OPTS
-                       fi
-                       case "$?" in
-                               0) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
-                               *) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
-                       esac
-                       ;;
-               *)
-                       [ "$VERBOSE" != no ] && log_end_msg 0
-                       ;;
-       esac
-       ;;
-  *)
-       N=/etc/init.d/$NAME
-       echo "Usage: $N {start|stop|restart|force-reload}" >&2
-       exit 3
-       ;;
-esac
-
-exit 0
+# ECDHE Perfect Forward Secrecy on the Murmur server via LD_PRELOAD
+# https://github.com/ultramancool/ecdhforce
+export LD_PRELOAD="/var/lib/mumble-server/ecdhforce/ecdhforce.so start-stop-daemon"
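Review bot: The LD_PRELOAD value on the last line still carries the ` start-stop-daemon` token copied from the old STARTSTOP variable, and the dynamic loader treats a space-separated LD_PRELOAD as a list of objects, so every process will try (and fail, with an ld.so error on stderr) to preload an object named `start-stop-daemon`; the line should read `export LD_PRELOAD=/var/lib/mumble-server/ecdhforce/ecdhforce.so`. Because the variable is now exported from /etc/default rather than set on the start-stop-daemon command line, it is inherited by every program the init script runs after sourcing it (install, rm, start-stop-daemon and through it murmurd), including the ones that still run as root before `--chuid` drops privileges, so the .so and the directory it lives in must be root-owned and not writable by the mumble-server user, which the page does not show. A comment next to the export would make that requirement explicit, e.g. `# Sourced by root: keep this path root-owned and unwritable by the service user; the preload also reaches start-stop-daemon itself, not only murmurd`.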
diff --git a/files/ecdhforce/mumble-server.init.d.Debian b/files/ecdhforce/mumble-server.init.d.Debian
new file mode 100755 (executable)
index 0000000..00b5403
--- /dev/null
@@ -0,0 +1,129 @@
+#! /bin/sh
+#
+### BEGIN INIT INFO
+# Provides:             mumble-server
+# Required-Start:       $network $local_fs $remote_fs dbus
+# Required-Stop:       $network $local_fs $remote_fs dbus
+# Should-Start:                $mysql
+# Should-Stop:         $mysql
+# Default-Start:        2 3 4 5
+# Default-Stop:         0 1 6
+# Short-Description:    Mumble VoIP Server
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+NAME=mumble-server
+DESC="Mumble VoIP Server"
+PIDDIR=/var/run/$NAME
+PIDFILE=$PIDDIR/$NAME.pid
+DAEMON=/usr/sbin/murmurd
+USER=mumble-server
+GROUP=mumble-server
+
+test -x $DAEMON || exit 0
+
+INIFILE=/etc/mumble-server.ini
+DAEMON_OPTS="-ini $INIFILE"
+MURMUR_DAEMON_START=0
+MURMUR_USE_CAPABILITIES=0
+MURMUR_LIMIT_NOFILE=0
+
+# Include murmur defaults if available
+if [ -f /etc/default/$NAME ] ; then
+       . /etc/default/$NAME
+fi
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+if [ "$MURMUR_LIMIT_NOFILE" -gt 0 ] ; then
+       ulimit -n $MURMUR_LIMIT_NOFILE
+fi
+
+case "$1" in
+  start)
+       if [ "$MURMUR_DAEMON_START" != "1" ] ; then
+               log_warning_msg "Not starting $DESC $NAME, disabled via /etc/default/$NAME"
+               exit 0
+       fi
+       [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+       [ -d $PIDDIR ] || install -o $USER -d $PIDDIR
+       if [ "$MURMUR_USE_CAPABILITIES" != "1" ] ; then
+         $start-stop-daemon --start --quiet \
+               --pidfile $PIDFILE \
+               --chuid $USER:$GROUP \
+               --exec $DAEMON \
+               -- $DAEMON_OPTS
+       else
+         $start-stop-daemon --start --quiet \
+               --pidfile $PIDFILE \
+               --exec $DAEMON \
+               -- $DAEMON_OPTS
+       fi
+       case "$?" in
+               0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+               2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+       esac
+       ;;
+  stop)
+       [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+       $start-stop-daemon --stop --quiet \
+               --retry=TERM/30/KILL/5 \
+               --pidfile $PIDFILE \
+               --user $USER \
+               --exec $DAEMON
+       case "$?" in
+               0|1)    rm -f $PIDFILE
+                       [ "$VERBOSE" != no ] && log_end_msg 0
+                       ;;
+               2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+       esac
+       ;;
+  force-reload)
+       $start-stop-daemon --stop --test --quiet \
+               --pidfile $PIDFILE \
+               --user $USER \
+               --exec $DAEMON \
+       && $0 restart || exit 0
+       ;;
+  restart)
+       [ "$VERBOSE" != no ] && log_daemon_msg "Restarting $DESC" "$NAME"
+       $start-stop-daemon --stop --quiet \
+               --retry=TERM/30/KILL/5 \
+               --pidfile $PIDFILE \
+               --user $USER \
+               --exec $DAEMON
+       case "$?" in
+               0|1)
+                       [ -d $PIDDIR ] || install -o $USER -d $PIDDIR
+                       rm -f $PIDFILE
+                       if [ "$MURMUR_USE_CAPABILITIES" != "1" ] ; then
+                         $start-stop-daemon --start --quiet \
+                               --pidfile $PIDFILE \
+                               --chuid $USER:$GROUP \
+                               --exec $DAEMON \
+                               -- $DAEMON_OPTS
+                       else
+                         $start-stop-daemon --start --quiet \
+                               --pidfile $PIDFILE \
+                               --exec $DAEMON \
+                               -- $DAEMON_OPTS
+                       fi
+                       case "$?" in
+                               0) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+                               *) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+                       esac
+                       ;;
+               *)
+                       [ "$VERBOSE" != no ] && log_end_msg 0
+                       ;;
+       esac
+       ;;
+  *)
+       N=/etc/init.d/$NAME
+       echo "Usage: $N {start|stop|restart|force-reload}" >&2
+       exit 3
+       ;;
+esac
+
+exit 0
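Review bot: Every daemon invocation in this script (the start branch at `$start-stop-daemon --start --quiet \` and the six others in stop, force-reload and restart) is written as `$start-stop-daemon`, which the shell expands as the unset variable `$start` followed by the literal `-stop-daemon`, so the command actually executed is `-stop-daemon`, failing with exit 127 instead of starting or stopping murmurd; each should read `start-stop-daemon --start --quiet \` (and `--stop` respectively). The `case "$?"` blocks only match 0, 1 and 2, so that 127 is swallowed and the script exits 0 with the daemon untouched and no message logged; a `*) [ "$VERBOSE" != no ] && log_end_msg 1 ;;` default in each would surface it. Since the preload now arrives via the environment exported on the `. /etc/default/$NAME` line, a short comment there noting that LD_PRELOAD from that file reaches every child process of this script, not just murmurd, would document the change in scope compared with the previous STARTSTOP wrapper.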
index 1067b33e2c9afa8b02c2e9dbce3c62192fc911ab..bf4104a3a1f2e9507e778e8e8286f8ad8f3a514d 100644 (file)
@@ -31,7 +31,18 @@ class mumble::ecdhforce {
     group   => root,
   }
 
+  # TODO: remove definition in the future
   file { '/etc/init.d/mumble-server':
+    ensure  => present,
+    owner   => root,
+    group   => root,
+    mode    => 0755,
+    source  => "puppet:///modules/mumble/ecdhforce/mumble-server.init.d.${::operatingsystem}",
+    require => Exec['ecdhforce-link'],
+    notify  => Service['mumble-server'],
+  }
+
+  file { '/etc/default/mumble-server':
     ensure  => present,
     owner   => root,
     group   => root,
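Review bot: The `/etc/default/mumble-server` resource that begins at the bottom of the hunk is the old init-script resource renamed, so the attributes that follow it outside the hunk (mode, source) were written for an executable init script; since the diffstat drops the source file from 0755 to 0644, the resource presumably should carry `mode => '0644'` too, as a file that root reads via `.` needs no execute bit, and Puppet documents modes as quoted strings, so `mode => 0755` on the init-script resource is better written `mode => '0755'`. The init-script `source` interpolates `${::operatingsystem}` but this commit adds only `mumble-server.init.d.Debian`, so on any other reported OS the catalog fails with a missing source; if Debian-only is intended, a comment such as `# Debian only: no init script variant exists for other ${::operatingsystem} values` makes that explicit. The enclosing class `mumble::ecdhforce` starts before this hunk and the `/etc/default/mumble-server` resource body continues past it.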