我想知道创build一个好的脚本来启动/停止/重启一些服务是一个很好的实践。 我会尽量让自己更清楚,好吗? 现在,我做这样的事情:假设我想创build一个脚本来start/stop/restart一个服务,所以我创build一个文件夹/company/service name/然后把start.sh和stop.sh ,这是这样的:
start.sh
#!/bin/bash #VARIABLES SERVICE_NAME="<service name>" USERDEPLOYER="<service name>_deployer" FOLDER=/company/<service name>/ KEYWORD="<keyword>" # #CHECKING SYSTEM STATUS PROC=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`; if [ $PROC ]; then echo "$SERVICE_NAME is running!" echo "Stop then first!" exit fi ### # #STARTING if [[ `/usr/bin/whoami` == $USERDEPLOYER ]] then pushd . echo " " echo "Starting $SERVICE_NAME..." echo "cd $FOLDER" cd $FOLDER #COMMAND <command to start the service> & sleep 20 PROC=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`; if [ -n "$PROC" ] && [ "$PROC" != "" ] then echo "OK: system started." else echo "ERROR: system process not found!" fi echo "script execution finished!" popd else echo "User must be $USERDEPLOYER !" fi
stop.sh
#!/bin/bash #VARIABLES SERVICE_NAME="<service name>" USERDEPLOYER="<service name>_deployer" KEYWORD="python" if [[ `/usr/bin/whoami` == $USERDEPLOYER ]] then pushd . echo "Stopping $SERVICE_NAME......" #KILLING PROCESS processPID=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'` echo "Trying to kill process with key $SERVICE_NAME - ignore error messages below." kill $processPID sleep 10 while [ -n "$processPID" ] do echo "Waiting process ($processPID) to shutdown...20s" sleep 20 processPID=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'` done echo "Ensured process with key $SERVICE_NAME is no longer running." popd else echo "User must be $USERDEPLOYER !" fi
之后,我创build一个用户service name_deployer ,而不是给这个文件夹的所有权,这些scrits, start.sh和stop.sh ,给予read, write and execute的权限。
然后在/etc/init.d/创build以下脚本作为service name-service :
#!/bin/bash # # Linux chkconfig stuff: # # chkconfig: 2345 56 10 # 2345 56 # 2345 10 # description: <description> # Source function library. SERVICE_NAME="<service name>-service" SERVICE_USER="<service name>_deployer" FOLDER="/company/<service name>/" start() { if [[ `/usr/bin/whoami` == $SERVICE_USER ]] then cd $FOLDER ./start.sh #NOT USER _root else cd $FOLDER su $SERVICE_USER ./start.sh fi } stop() { cd $FOLDER su $SERVICE_USER ./stop.sh } #Body main case "$1" in start) start ;; stop) stop ;; restart) echo "Restarting $SERVICE_NAME..." echo " " stop sleep 10 start ;; *) echo $"Usage: $0 {start|stop|restart}" exit 1 esac exit 0
给定所有权为service name_deployer以及read, write and execute.的权限read, write and execute.
然后将服务添加到服务列表中,如下所示:/ sbin / chkconfig –add service name-service (suse和其他)或update-rc.d service name-service默认值(ubuntu)
就这样! 你们认为这是一个好方法吗? 我只是问,因为我想为这种脚本和程序创build一个很好的标准。 对不起,如果你们认为这是一个蹩脚的问题,但对我来说是非常重要的这种程序。
感谢你们!
而是使用sudo来pipe理用户访问。 按照惯例在/etc/init.d/创build一个initscript。 (Ubuntu / Debian的脚本应该使用start-stop-daemon来启动,停止重试和检查进程状态。)然后运行visudo并添加适当的条目以允许用户pipe理这个服务。 例如:
User_Alias SERVICE_USERS = bob, jane Cmnd_Alias SERVICE_CMNDS = service service-name SERVICE_USERS ALL = SERVICE_CMNDS
然后,指定的用户可以运行sudo service service-name start等。
我认为你正在创造很多不必要的复杂性,看看组成员和/ etc / sudoers文件。 使用这些工具,您可以对系统上的服务和文件提供非常特定的权限。 pipe理起来更容易,升级过程中不会出现问题,并且可以让您以更集中,更精细的方式添加和删除用户。
缺口