Good pratice to create script to start/stop/restart service?

Question

I was wondering what is a good pratice to create a good script to start/stop/restart some service. I will try to make myself more clear, ok ? Nowadays, I do something like this: let's say I would like to create a script to start/stop/restart a service, so I create a folder /company/service name/ and there put the start.sh and the stop.sh, which are something like this:

start.sh

#!/bin/bash
#VARIABLES
SERVICE_NAME="<service name>"
USERDEPLOYER="<service name>_deployer"
FOLDER=/company/<service name>/
KEYWORD="<keyword>"

#
#CHECKING SYSTEM STATUS
PROC=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`;

if [ $PROC ]; then
  echo "$SERVICE_NAME is running!"
  echo "Stop then first!"
  exit
fi
###
#
#STARTING
if [[ `/usr/bin/whoami` == $USERDEPLOYER ]]
  then

    pushd .
    echo " "
    echo "Starting $SERVICE_NAME..."
    echo "cd $FOLDER"
    cd $FOLDER
    #COMMAND    
    <command to start the service> &

    sleep 20
    PROC=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`;

    if [ -n "$PROC" ] && [ "$PROC" != "" ]
    then
      echo "OK: system started."
    else
      echo "ERROR: system process not found!"
    fi

    echo "script execution finished!"
    popd

else
  echo "User must be $USERDEPLOYER !"
fi

stop.sh

#!/bin/bash
#VARIABLES
SERVICE_NAME="<service name>"
USERDEPLOYER="<service name>_deployer"
KEYWORD="python"

if [[ `/usr/bin/whoami` == $USERDEPLOYER ]]
  then

    pushd .
    echo "Stopping $SERVICE_NAME......"

    #KILLING PROCESS
    processPID=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`
    echo "Trying to kill process with key $SERVICE_NAME - ignore error messages below."
    kill $processPID
    sleep 10

    while [ -n "$processPID" ]
      do
    echo "Waiting process ($processPID) to shutdown...20s"
    sleep 20
        processPID=`ps -ef | grep $SERVICE_NAME | grep $KEYWORD | grep -v grep | awk -F" " '{ print $2 }'`
      done

    echo "Ensured process with key $SERVICE_NAME is no longer running."
    popd

else
  echo "User must be $USERDEPLOYER !"
fi

After that I create an user service name_deployer, than give the ownership to this folder and these scrits, start.sh and stop.sh, giving the permission to read, write and execute as well.

Then create the follow script in /etc/init.d/ as service name-service :

#!/bin/bash
#
#   Linux chkconfig stuff:
#
#   chkconfig: 2345 56 10
#   2345 56  
#   2345 10  
#   description: <description>
# Source function library.
SERVICE_NAME="<service name>-service"
SERVICE_USER="<service name>_deployer"
FOLDER="/company/<service name>/"

start() {

if [[ `/usr/bin/whoami` == $SERVICE_USER ]]
then
  cd $FOLDER
  ./start.sh

#NOT USER _root
else 
  cd $FOLDER
  su $SERVICE_USER ./start.sh
fi
}

stop() {
  cd $FOLDER
  su $SERVICE_USER ./stop.sh
}

#Body main
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  restart)
    echo "Restarting $SERVICE_NAME..."
    echo " "
    stop
    sleep 10
    start
    ;;
  *)
    echo $"Usage: $0 {start|stop|restart}"
    exit 1
esac
exit 0

Given the ownership to service name_deployer and the permission to read, write and execute.

Then add the service to the list of services like this: /sbin/chkconfig --add service name-service (suse and others) or update-rc.d service name-service defaults (ubuntu)

And that's all! Did you guys think this is a good approach ? I'm just asking 'cause I would like to create a good standard to this kind of scripts and procedures. Sorry if you guys think this is a lame question but for me is very important this kind of procedure.

Thank you guys!

I think you may be recreating the wheel, what's wrong with adding users to groups, then giving those groups the ability to stop and restart services through the sudoers file? — NickW, Feb 08 '13 at 11:47
@NickW, I should create the user and add to which group ? And how can I do this via command line ? (I'm new in Linux) =] — Valter Silva, Feb 08 '13 at 15:56
Well, you could create a group like pythonr and add the users who need to restart the service to that group. Then you could use sudoers. Type visudo. Add a Cmnd_Alias PYTHON = /etc/init.d/python (or whatever the script is to stop and restart python). Then add a line like %pythonr ALL=NOPASSWD: PYTHON. that means a user in the pythonr group can type sudo /etc/init.d/python stop, without having to enter their password. There's plenty of info on sudoers out there. — NickW, Feb 08 '13 at 16:54

score 1 · Accepted Answer · answered Feb 08 '13 at 20:00

Rather use sudo to manage user access. Create an initscript in /etc/init.d/ following the usual conventions. (Scripts for Ubuntu/Debian should use start-stop-daemon for starting, stopping with retries, and checking process states.) Then run visudo and add appropriate entries to allow users to manage this service. For example:

User_Alias  SERVICE_USERS = bob, jane
Cmnd_Alias  SERVICE_CMNDS = service service-name

SERVICE_USERS ALL = SERVICE_CMNDS

The specified users can then run sudo service service-name start and so on.

Thank you very much for your answer, it makes a lot of sense. — Valter Silva, Mar 15 '13 at 12:13

score 0 · Answer 2 · answered Feb 08 '13 at 17:02

I think you are creating a lot of unnecessary complexity, have a look at group memberships, and the /etc/sudoers file. With these tools you can give very specific permissions to services and files on the system. It is easier to administer, will survive upgrades, and will allow you to add and remove users in a much more centralized, but granular manner.

Nick

Good pratice to create script to start/stop/restart service?

2 Answers2