我想知道创建一个好的脚本来启动/停止/重新启动某些服务的最佳做法是什么。我会尽量说得更清楚,好吗?现在,我做了这样的事情:假设我想为start/stop/restart某个服务创建一个脚本,所以我创建一个文件夹,并将和/company/service name/放在那里,如下所示:start.shstop.sh
启动脚本
#!/bin/bash
#VARIABLES
SERVICE_NAME="<service name>"
USERDEPLOYER="<service name>_deployer"
FOLDER=/company/<service name>/
KEYWORD="<keyword>"
#
#CHECKING SYSTEM STATUS
PROC=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`;
if [ $PROC ]; then
echo "$SERVICE_NAME is running!"
echo "Stop then first!"
exit
fi
###
#
#STARTING
if [[ `/usr/bin/whoami` == $USERDEPLOYER ]]
then
pushd .
echo " "
echo "Starting $SERVICE_NAME..."
echo "cd $FOLDER"
cd $FOLDER
#COMMAND
<command to start the service> &
sleep 20
PROC=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`;
if [ -n "$PROC" ] && [ "$PROC" != "" ]
then
echo "OK: system started."
else
echo "ERROR: system process not found!"
fi
echo "script execution finished!"
popd
else
echo "User must be $USERDEPLOYER !"
fi
停止脚本
#!/bin/bash
#VARIABLES
SERVICE_NAME="<service name>"
USERDEPLOYER="<service name>_deployer"
KEYWORD="python"
if [[ `/usr/bin/whoami` == $USERDEPLOYER ]]
then
pushd .
echo "Stopping $SERVICE_NAME......"
#KILLING PROCESS
processPID=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`
echo "Trying to kill process with key $SERVICE_NAME - ignore error messages below."
kill $processPID
sleep 10
while [ -n "$processPID" ]
do
echo "Waiting process ($processPID) to shutdown...20s"
sleep 20
processPID=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`
done
echo "Ensured process with key $SERVICE_NAME is no longer running."
popd
else
echo "User must be $USERDEPLOYER !"
fi
之后,我创建一个用户service name_deployer,然后赋予此文件夹和这些脚本的所有权,start.sh并stop.sh授予其权限read, write and execute。
/etc/init.d/然后以如下形式创建脚本service name-service:
#!/bin/bash
#
# Linux chkconfig stuff:
#
# chkconfig: 2345 56 10
# 2345 56
# 2345 10
# description: <description>
# Source function library.
SERVICE_NAME="<service name>-service"
SERVICE_USER="<service name>_deployer"
FOLDER="/company/<service name>/"
start() {
if [[ `/usr/bin/whoami` == $SERVICE_USER ]]
then
cd $FOLDER
./start.sh
#NOT USER _root
else
cd $FOLDER
su $SERVICE_USER ./start.sh
fi
}
stop() {
cd $FOLDER
su $SERVICE_USER ./stop.sh
}
#Body main
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
echo "Restarting $SERVICE_NAME..."
echo " "
stop
sleep 10
start
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
鉴于所有权service name_deployer和许可read, write and execute.
然后将服务添加到服务列表中,如下所示:/sbin/chkconfig --add service name-service(suse 和其他)或 update-rc.d service name-servicedefaults(ubuntu)
就这些!你们觉得这是个好方法吗?我问这个问题只是因为我想为这类脚本和程序创建一个好的标准。如果你们觉得这是一个无聊的问题,我很抱歉,但对我来说,这种程序非常重要。
感谢你们!
答案1
而是使用须藤管理用户访问。按照/etc/init.d/通常的惯例创建一个启动脚本。(Ubuntu/Debian 的脚本应该使用start-stop-daemon用于启动、重试停止和检查进程状态。)然后运行visudo并添加适当的条目以允许用户管理此服务。例如:
User_Alias SERVICE_USERS = bob, jane
Cmnd_Alias SERVICE_CMNDS = service service-name
SERVICE_USERS ALL = SERVICE_CMNDS
然后指定的用户就可以运行sudo service service-name start等等。
答案2
我认为您制造了很多不必要的复杂性,请查看组成员身份和 /etc/sudoers 文件。使用这些工具,您可以为系统上的服务和文件授予非常具体的权限。它更易于管理,升级后仍能继续使用,并且允许您以更集中但更细粒度的方式添加和删除用户。
缺口