diff options
author | Rick Macklem <rmacklem@FreeBSD.org> | 2021-02-18 22:38:01 +0000 |
---|---|---|
committer | Rick Macklem <rmacklem@FreeBSD.org> | 2021-03-05 21:55:44 +0000 |
commit | 59f6f5e23c1a33ce0b335b52870fdd9c0223284a (patch) | |
tree | 9cc438a819082d9c73bee83e168efca65dd8f202 | |
parent | 2c76eebca71b8e17881dfcc01faeb0537d87e0af (diff) |
nfs-over-tls: add rc scripts for rpc.tlsclntd and rpc.tlsservd
Add rc.d scripts that control the recently committed rpc.tlsclntd(8)
and rpc.tlsservd(8) daemons.
(cherry picked from commit 2f48313ab26ef257ca8d46052a33fb6ad6abdb4f)
-rw-r--r-- | libexec/rc/rc.conf | 4 | ||||
-rw-r--r-- | libexec/rc/rc.d/Makefile | 4 | ||||
-rwxr-xr-x | libexec/rc/rc.d/tlsclntd | 21 | ||||
-rwxr-xr-x | libexec/rc/rc.d/tlsservd | 25 |
4 files changed, 54 insertions, 0 deletions
diff --git a/libexec/rc/rc.conf b/libexec/rc/rc.conf index 56d6bb30f811..53bd8c81c2d7 100644 --- a/libexec/rc/rc.conf +++ b/libexec/rc/rc.conf @@ -385,6 +385,10 @@ nfscbd_enable="NO" # NFSv4 client side callback daemon nfscbd_flags="" # Flags for nfscbd nfsuserd_enable="NO" # NFSv4 user/group name mapping daemon nfsuserd_flags="" # Flags for nfsuserd +tlsclntd_enable="NO" # Run rpc.tlsclntd needed for NFS-over-TLS mount +tlsclntd_flags="" # Flags for rpc.tlsclntd +tlsservd_enable="NO" # Run rpc.tlsservd needed for NFS-over-TLS nfsd +tlsservd_flags="" # Flags for rpc.tlsservd ### Network Time Services options: ### timed_enable="NO" # Run the time daemon (or NO). diff --git a/libexec/rc/rc.d/Makefile b/libexec/rc/rc.d/Makefile index a8277e08932c..1a61e89aa215 100644 --- a/libexec/rc/rc.d/Makefile +++ b/libexec/rc/rc.d/Makefile @@ -271,6 +271,10 @@ _opensm= opensm .if ${MK_OPENSSL} != "no" CONFS+= keyserv +.if ${MK_OPENSSL_KTLS} != "no" +CONFS+= tlsclntd \ + tlsservd +.endif .endif .if ${MK_OPENSSH} != "no" diff --git a/libexec/rc/rc.d/tlsclntd b/libexec/rc/rc.d/tlsclntd new file mode 100755 index 000000000000..4566ceb67abd --- /dev/null +++ b/libexec/rc/rc.d/tlsclntd @@ -0,0 +1,21 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: tlsclntd +# REQUIRE: NETWORKING root mountcritlocal sysctl +# BEFORE: nfscbd +# KEYWORD: nojail shutdown + +. /etc/rc.subr + +name="tlsclntd" +desc="NFS over TLS client side daemon" +rcvar="tlsclntd_enable" +command="/usr/sbin/rpc.${name}" +pidfile="/var/run/rpc.${name}.pid" + +load_rc_config $name + +run_rc_command "$1" diff --git a/libexec/rc/rc.d/tlsservd b/libexec/rc/rc.d/tlsservd new file mode 100755 index 000000000000..cca28ed60ffe --- /dev/null +++ b/libexec/rc/rc.d/tlsservd @@ -0,0 +1,25 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: tlsservd +# REQUIRE: NETWORKING root mountcritlocal sysctl +# BEFORE: nfsd +# KEYWORD: nojail shutdown + +. /etc/rc.subr + +name="tlsservd" +desc="NFS over TLS server side daemon" +rcvar="tlsservd_enable" +command="/usr/sbin/rpc.${name}" + +pidfile="/var/run/rpc.${name}.pid" +required_files="/etc/rpc.tlsservd/cert.pem /etc/rpc.tlsservd/certkey.pem" +extra_commands="reload" + + +load_rc_config $name + +run_rc_command "$1" |