aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRick Macklem <rmacklem@FreeBSD.org>2021-02-18 22:38:01 +0000
committerRick Macklem <rmacklem@FreeBSD.org>2021-02-18 22:38:01 +0000
commit2f48313ab26ef257ca8d46052a33fb6ad6abdb4f (patch)
treecb2b9da5e3c5913e91a0e65b0388632a3acf9dc8
parentb9cbc85d727214cf3e13196ab7e7564e53037f77 (diff)
downloadsrc-2f48313ab26ef257ca8d46052a33fb6ad6abdb4f.tar.gz
src-2f48313ab26ef257ca8d46052a33fb6ad6abdb4f.zip
nfs-over-tls: add rc scripts for rpc.tlsclntd and rpc.tlsservd
Add rc.d scripts that control the recently committed rpc.tlsclntd(8) and rpc.tlsservd(8) daemons. Reviewed by: gbe MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D28432
-rw-r--r--libexec/rc/rc.conf4
-rw-r--r--libexec/rc/rc.d/Makefile4
-rwxr-xr-xlibexec/rc/rc.d/tlsclntd21
-rwxr-xr-xlibexec/rc/rc.d/tlsservd25
4 files changed, 54 insertions, 0 deletions
diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf
index d8c24853225f..55a7112b15ea 100644
--- a/libexec/rc/rc.conf
+++ b/libexec/rc/rc.conf
@@ -385,6 +385,10 @@ nfscbd_enable="NO" # NFSv4 client side callback daemon
nfscbd_flags="" # Flags for nfscbd
nfsuserd_enable="NO" # NFSv4 user/group name mapping daemon
nfsuserd_flags="" # Flags for nfsuserd
+tlsclntd_enable="NO" # Run rpc.tlsclntd needed for NFS-over-TLS mount
+tlsclntd_flags="" # Flags for rpc.tlsclntd
+tlsservd_enable="NO" # Run rpc.tlsservd needed for NFS-over-TLS nfsd
+tlsservd_flags="" # Flags for rpc.tlsservd
### Network Time Services options: ###
timed_enable="NO" # Run the time daemon (or NO).
diff --git a/libexec/rc/rc.d/Makefile b/libexec/rc/rc.d/Makefile
index a8277e08932c..1a61e89aa215 100644
--- a/libexec/rc/rc.d/Makefile
+++ b/libexec/rc/rc.d/Makefile
@@ -271,6 +271,10 @@ _opensm= opensm
.if ${MK_OPENSSL} != "no"
CONFS+= keyserv
+.if ${MK_OPENSSL_KTLS} != "no"
+CONFS+= tlsclntd \
+ tlsservd
+.endif
.endif
.if ${MK_OPENSSH} != "no"
diff --git a/libexec/rc/rc.d/tlsclntd b/libexec/rc/rc.d/tlsclntd
new file mode 100755
index 000000000000..4566ceb67abd
--- /dev/null
+++ b/libexec/rc/rc.d/tlsclntd
@@ -0,0 +1,21 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: tlsclntd
+# REQUIRE: NETWORKING root mountcritlocal sysctl
+# BEFORE: nfscbd
+# KEYWORD: nojail shutdown
+
+. /etc/rc.subr
+
+name="tlsclntd"
+desc="NFS over TLS client side daemon"
+rcvar="tlsclntd_enable"
+command="/usr/sbin/rpc.${name}"
+pidfile="/var/run/rpc.${name}.pid"
+
+load_rc_config $name
+
+run_rc_command "$1"
diff --git a/libexec/rc/rc.d/tlsservd b/libexec/rc/rc.d/tlsservd
new file mode 100755
index 000000000000..cca28ed60ffe
--- /dev/null
+++ b/libexec/rc/rc.d/tlsservd
@@ -0,0 +1,25 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: tlsservd
+# REQUIRE: NETWORKING root mountcritlocal sysctl
+# BEFORE: nfsd
+# KEYWORD: nojail shutdown
+
+. /etc/rc.subr
+
+name="tlsservd"
+desc="NFS over TLS server side daemon"
+rcvar="tlsservd_enable"
+command="/usr/sbin/rpc.${name}"
+
+pidfile="/var/run/rpc.${name}.pid"
+required_files="/etc/rpc.tlsservd/cert.pem /etc/rpc.tlsservd/certkey.pem"
+extra_commands="reload"
+
+
+load_rc_config $name
+
+run_rc_command "$1"