#!/sbin/runscript

opts="${opts} reload"

depend() {
	need net
	use dns
}

checkconfig() {
	#set the location of log files, including startup.log created by check-radiusd-config
	if ! cd /var/log/radius ; then
		eerror "Failed to change current directory to /var/log/radius"
		return 1
	fi

	if [ ! -d /var/run/radiusd ] && ! mkdir /var/run/radiusd ; then
		eerror "Failed to create /var/run/radiusd"
		return 1
	fi
	
	if [ ! -f /etc/raddb/radiusd.conf ] ; then
		eerror "No /etc/raddb/radiusd.conf file exists!"
		return 1
	fi

	if [ "`/usr/sbin/check-radiusd-config >/dev/null 2>&1; echo $?`" != "0" ] ; then
		eerror "Config not ok! (try /usr/sbin/check-radiusd-config )"
		return 1
	fi

	RADIUSD_USER=`grep '^ *user *=' /etc/raddb/radiusd.conf | cut -d ' ' -f 3`
	RADIUSD_GROUP=`grep '^ *group *=' /etc/raddb/radiusd.conf | cut -d ' ' -f 3`
	if [ -n "${RADIUSD_USER}" ] && ! getent passwd ${RADIUSD_USER} > /dev/null ; then
		eerror "${RADIUSD_USER} user missing!"
		return 1
	fi
	if [ -n "${RADIUSD_GROUP}" ] && ! getent group ${RADIUSD_GROUP} > /dev/null ; then
		eerror "${RADIUSD_GROUP} group missing!"
		return 1
	fi

	#radius.log is created before privileges drop; we need to set proper permissions on it
	[ -f radius.log ] || touch radius.log || return 1

	chown -R "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" . /var/run/radiusd && \
		chmod -R u+rwX,g+rX . /var/run/radiusd || return 1
}

start() {
	checkconfig || return 1

	ebegin "Starting radiusd"
	start-stop-daemon --start --quiet --exec /usr/sbin/radiusd -- ${RADIUSD_OPTS} >/dev/null
	eend $?
}

stop () {
	ebegin "Stopping radiusd"
	start-stop-daemon --stop --quiet --pidfile=/var/run/radiusd/radiusd.pid
	eend $?
}

reload () {
	ebegin "Reloading radiusd"
	kill -HUP `</var/run/radiusd/radiusd.pid`
	eend $?
}