Dockerize using phusion/baseimage and runit services

containers/docker/runit/bind9/run

@@ -0,0 +1,52 @@
+#!/bin/bash
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+# for a chrooted server: "-u bind -t /var/lib/named"
+# Don't modify this line, change or create /etc/default/bind9.
+OPTIONS=""
+RESOLVCONF=no
+
+test -f /etc/default/bind9 && . /etc/default/bind9
+
+test -x /usr/sbin/rndc || exit 0
+
+. /lib/lsb/init-functions
+
+check_network() {
+    if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then
+	IFCONFIG_OPTS="-au"
+    else
+	IFCONFIG_OPTS=""
+    fi
+    if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then
+       #log_action_msg "No networks configured."
+       return 1
+    fi
+    return 0
+}
+
+log_daemon_msg "Starting domain name service..." "bind9"
+
+modprobe capability >/dev/null 2>&1 || true
+
+# dirs under /var/run can go away on reboots.
+mkdir -p /var/run/named
+chmod 775 /var/run/named
+chown root:bind /var/run/named >/dev/null 2>&1 || true
+
+if [ ! -x /usr/sbin/named ]; then
+	log_action_msg "named binary missing - not starting"
+	log_end_msg 1
+fi
+
+if ! check_network; then
+	log_action_msg "no networks configured"
+	log_end_msg 1
+fi
+
+if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then
+	echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named
+fi
+
+exec /usr/sbin/named -f $OPTIONS

containers/docker/runit/dovecot.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-/usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf &> /var/log/dovecot.log

containers/docker/runit/dovecot/run

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+exec /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf

containers/docker/runit/fail2ban/run

@@ -0,0 +1,93 @@
+#!/bin/bash
+
+PATH=/usr/sbin:/usr/bin:/sbin:/bin
+DESC="authentication failure monitor"
+NAME=fail2ban
+
+# fail2ban-client is not a daemon itself but starts a daemon and
+# loads its with configuration
+#DAEMON=/usr/bin/$NAME-client
+DAEMON=/usr/bin/$NAME-server
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Ad-hoc way to parse out socket file name
+SOCKFILE=`grep -h '^[^#]*socket *=' /etc/$NAME/$NAME.conf /etc/$NAME/$NAME.local 2>/dev/null \
+          | tail -n 1 | sed -e 's/.*socket *= *//g' -e 's/ *$//g'`
+[ -z "$SOCKFILE" ] && SOCKFILE='/tmp/fail2ban.sock'
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Run as root by default.
+FAIL2BAN_USER=root
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+DAEMON_ARGS="-f $FAIL2BAN_OPTS"
+
+# Load the VERBOSE setting and other rcS variables
+[ -f /etc/default/rcS ] && . /etc/default/rcS
+
+# Predefine what can be missing from lsb source later on -- necessary to run
+# on sarge. Just present it in a bit more compact way from what was shipped
+log_daemon_msg () {
+	[ -z "$1" ] && return 1
+	echo -n "$1:"
+	[ -z "$2" ] || echo -n " $2"
+}
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+# Actually has to (>=2.0-7) present in sarge. log_daemon_msg is predefined
+#  so we must be ok
+. /lib/lsb/init-functions
+
+#
+# Shortcut function for abnormal init script interruption
+#
+report_bug()
+{
+	echo $*
+	echo "Please submit a bug report to Debian BTS (reportbug fail2ban)"
+	exit 1
+}
+
+#
+# Helper function to check if socket is present, which is often left after
+# abnormal exit of fail2ban and needs to be removed
+#
+check_socket()
+{
+	# Return
+	#	0 if socket is present and readable
+	#	1 if socket file is not present
+	#	2 if socket file is present but not readable
+	#	3 if socket file is present but is not a socket
+	[ -e "$SOCKFILE" ] || return 1
+	[ -r "$SOCKFILE" ] || return 2
+	[ -S "$SOCKFILE" ] || return 3
+	return 0
+}
+
+if [ -e "$SOCKFILE" ]; then
+	log_failure_msg "Socket file $SOCKFILE is present"
+	[ "$1" = "force-start" ] \
+		&& log_success_msg "Starting anyway as requested" \
+		|| return 2
+	DAEMON_ARGS="$DAEMON_ARGS -x"
+fi
+
+# Assure that /var/run/fail2ban exists
+[ -d /var/run/fail2ban ] || mkdir -p /var/run/fail2ban
+
+if [ "$FAIL2BAN_USER" != "root" ]; then
+	# Make the socket directory, IP lists and fail2ban log
+	# files writable by fail2ban
+	chown "$FAIL2BAN_USER" /var/run/fail2ban
+	# Create the logfile if it doesn't exist
+	touch /var/log/fail2ban.log
+	chown "$FAIL2BAN_USER" /var/log/fail2ban.log
+	find /proc/net/xt_recent -name 'fail2ban-*' -exec chown "$FAIL2BAN_USER" {} \;
+fi
+
+exec /sbin/setuser $FAIL2BAN_USER $DAEMON $DAEMON_ARGS

containers/docker/runit/mailinabox/run

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+NAME=mailinabox
+DAEMON=/usr/local/bin/mailinabox-daemon
+
+export LANGUAGE=en_US.UTF-8
+export LC_ALL=en_US.UTF-8
+export LANG=en_US.UTF-8
+export LC_TYPE=en_US.UTF-8
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+exec $DAEMON 2>&1

containers/docker/runit/memcached/run

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/bin/memcached
+
+test -x $DAEMON || exit 0
+set -e
+
+# Edit /etc/default/memcached to change this.
+ENABLE_MEMCACHED=no
+test -r /etc/default/memcached && . /etc/default/memcached
+
+echo -n "Starting $DESC: "
+if [ $ENABLE_MEMCACHED = yes ]; then
+	exec /sbin/setuser memcache $DAEMON
+else
+	exit 1
+fi

containers/docker/runit/nginx/run

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/nginx
+NAME=nginx
+DESC=nginx
+
+# Include nginx defaults if available
+if [ -r /etc/default/nginx ]; then
+	. /etc/default/nginx
+fi
+
+test -x $DAEMON || exit 0
+
+. /lib/init/vars.sh
+. /lib/lsb/init-functions
+
+# Check if the ULIMIT is set in /etc/default/nginx
+if [ -n "$ULIMIT" ]; then
+	# Set the ulimits
+	ulimit $ULIMIT
+fi
+
+exec $DAEMON $DAEMON_OPTS -g "daemon off;"

containers/docker/runit/nsd/run

@@ -0,0 +1,30 @@
+#!/bin/bash
+set -e
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+NAME=nsd                  # Introduce the short server's name here
+DAEMON=/usr/sbin/$NAME    # Introduce the server's location here
+CONFFILE=/etc/nsd/nsd.conf
+DAEMON_ARGS="-d -c $CONFFILE"
+
+NSDC=/usr/sbin/nsd-control
+
+# Exit if the package is not installed
+[ -x $DAEMON ] || exit 0
+
+PIDFILE=$(nsd-checkconf -o pidfile $CONFFILE)
+
+prepare_environment() {
+    mkdir -p "$(dirname "$(/usr/sbin/nsd-checkconf -o pidfile $CONFFILE)")"
+    chown "$(/usr/sbin/nsd-checkconf -o username $CONFFILE)" "$(dirname "$(/usr/sbin/nsd-checkconf -o pidfile $CONFFILE)")"
+    mkdir -p "$(dirname "$(/usr/sbin/nsd-checkconf -o database $CONFFILE)")"
+    chown "$(/usr/sbin/nsd-checkconf -o username $CONFFILE)" "$(dirname "$(/usr/sbin/nsd-checkconf -o database $CONFFILE)")"
+}
+
+prepare_environment
+
+# Check if daemon is running
+nc -z -w 4 localhost 10222
+/usr/local/mailinabox/tools/dns_update
+
+exec $DAEMON $DAEMON_ARGS

containers/docker/runit/opendkim/run

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/opendkim
+NAME=opendkim
+DESC="OpenDKIM"
+RUNDIR=/var/run/$NAME
+USER=opendkim
+GROUP=opendkim
+SOCKET=local:$RUNDIR/$NAME.sock
+PIDFILE=$RUNDIR/$NAME.pid
+CONFFILE=/etc/$NAME.conf
+
+test -x $DAEMON || exit 0
+test -f $CONFFILE || exit 0
+
+# Check if mailinabox configuration files are there
+test -f /etc/opendkim/SigningTable || exit 0
+
+# Include LSB provided init functions
+. /lib/lsb/init-functions
+
+# Include opendkim defaults if available
+if [ -f /etc/default/opendkim ] ; then
+	. /etc/default/opendkim
+fi
+
+if [ -f /etc/opendkim.conf ]; then
+	CONFIG_SOCKET=`awk '$1 == "Socket" { print $2 }' /etc/opendkim.conf`
+fi
+
+# This can be set via Socket option in config file, so it's not required
+if [ -n "$SOCKET" -a -z "$CONFIG_SOCKET" ]; then
+	DAEMON_OPTS="-p $SOCKET $DAEMON_OPTS"
+fi
+
+DAEMON_OPTS="-f -x $CONFFILE -u $USER -P $PIDFILE $DAEMON_OPTS"
+
+
+# Create the run directory if it doesn't exist
+if [ ! -d "$RUNDIR" ]; then
+	install -o "$USER" -g "$GROUP" -m 755 -d "$RUNDIR" || return 2
+	[ -x /sbin/restorecon ] && /sbin/restorecon "$RUNDIR"
+fi
+
+# Clean up stale sockets
+if [ -f "$PIDFILE" ]; then
+	pid=`cat $PIDFILE`
+	if ! ps -C "$DAEMON" -s "$pid" >/dev/null; then
+		rm "$PIDFILE"
+		TMPSOCKET=""
+		if [ -n "$SOCKET" ]; then
+			TMPSOCKET="$SOCKET"
+		elif [ -n "$CONFIG_SOCKET" ]; then
+			TMPSOCKET="$CONFIG_SOCKET"
+		fi
+		if [ -n "$TMPSOCKET" ]; then
+			# UNIX sockets may be specified with or without the
+			# local: prefix; handle both
+			t=`echo $SOCKET | cut -d: -f1`
+			s=`echo $SOCKET | cut -d: -f2`
+			if [ -e "$s" -a -S "$s" ]; then
+				if [ "$t" = "$s" -o "$t" = "local" ]; then
+					rm "$s"
+				fi
+			fi
+		fi
+	fi
+fi
+
+exec $DAEMON $DAEMON_OPTS

containers/docker/runit/opendmarc/run

@@ -0,0 +1,70 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/opendmarc
+NAME=opendmarc
+DESC="OpenDMARC"
+RUNDIR=/var/run/$NAME
+USER=opendmarc
+GROUP=opendmarc
+SOCKET=local:$RUNDIR/$NAME.sock
+PIDFILE=$RUNDIR/$NAME.pid
+CONFFILE=/etc/$NAME.conf
+
+test -x $DAEMON || exit 0
+test -f $CONFFILE || exit 0
+
+# Check if mailinabox configuration files are there
+test -f /etc/opendkim/SigningTable || exit 0
+
+# Include LSB provided init functions
+. /lib/lsb/init-functions
+
+# Include opendkim defaults if available
+if [ -f /etc/default/opendmarc ] ; then
+	. /etc/default/opendmarc
+fi
+
+if [ -f /etc/opendmarc.conf ]; then
+	CONFIG_SOCKET=`awk '$1 == "Socket" { print $2 }' /etc/opendmarc.conf`
+fi
+
+# This can be set via Socket option in config file, so it's not required
+if [ -n "$SOCKET" -a -z "$CONFIG_SOCKET" ]; then
+	DAEMON_OPTS="-p $SOCKET $DAEMON_OPTS"
+fi
+
+DAEMON_OPTS="-f -c $CONFFILE -u $USER -P $PIDFILE $DAEMON_OPTS"
+
+
+# Create the run directory if it doesn't exist
+if [ ! -d "$RUNDIR" ]; then
+	install -o "$USER" -g "$GROUP" -m 755 -d "$RUNDIR" || return 2
+	[ -x /sbin/restorecon ] && /sbin/restorecon "$RUNDIR"
+fi
+# Clean up stale sockets
+if [ -f "$PIDFILE" ]; then
+	pid=`cat $PIDFILE`
+	if ! ps -C "$DAEMON" -s "$pid" >/dev/null; then
+		rm "$PIDFILE"
+		TMPSOCKET=""
+		if [ -n "$SOCKET" ]; then
+			TMPSOCKET="$SOCKET"
+		elif [ -n "$CONFIG_SOCKET" ]; then
+			TMPSOCKET="$CONFIG_SOCKET"
+		fi
+		if [ -n "$TMPSOCKET" ]; then
+			# UNIX sockets may be specified with or without the
+			# local: prefix; handle both
+			t=`echo $SOCKET | cut -d: -f1`
+			s=`echo $SOCKET | cut -d: -f2`
+			if [ -e "$s" -a -S "$s" ]; then
+				if [ "$t" = "$s" -o "$t" = "local" ]; then
+					rm "$s"
+				fi
+			fi
+		fi
+	fi
+fi
+
+exec $DAEMON $DAEMON_OPTS

containers/docker/runit/php5-fpm/run

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="PHP5 FastCGI Process Manager"
+NAME=php5-fpm
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS="-F --fpm-config /etc/php5/fpm/php-fpm.conf"
+PIDFILE=/var/run/php5-fpm.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+. /lib/lsb/init-functions
+
+# Don't run if we are running upstart
+if init_is_upstart; then
+    exit 1
+fi
+
+#
+# Function to check the correctness of the config file
+#
+do_check()
+{
+    /usr/lib/php5/php5-fpm-checkconf || return 1
+    return 0
+}
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+do_check
+exec $DAEMON $DAEMON_ARGS

containers/docker/runit/postfix/run

@@ -0,0 +1,144 @@
+#!/bin/bash
+
+exec 1>&2
+
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/postfix
+NAME=Postfix
+TZ=
+unset TZ
+
+# Defaults - don't touch, edit /etc/default/postfix
+SYNC_CHROOT="y"
+
+test -f /etc/default/postfix && . /etc/default/postfix
+
+test -x $DAEMON && test -f /etc/postfix/main.cf || exit 0
+
+. /lib/lsb/init-functions
+
+configure_instance() {
+	POSTCONF="postconf"
+
+    # if you set myorigin to 'ubuntu.com' or 'debian.org', it's wrong, and annoys the admins of
+    # those domains.  See also sender_canonical_maps.
+
+    MYORIGIN=$($POSTCONF -h myorigin | tr 'A-Z' 'a-z')
+    if [ "X${MYORIGIN#/}" != "X${MYORIGIN}" ]; then
+	MYORIGIN=$(tr 'A-Z' 'a-z' < $MYORIGIN)
+    fi
+    if [ "X$MYORIGIN" = Xubuntu.com ] || [ "X$MYORIGIN" = Xdebian.org ]; then
+	log_failure_msg "Invalid \$myorigin ($MYORIGIN), refusing to start"
+	log_end_msg 1
+	exit 1
+    fi
+
+    config_dir=$($POSTCONF -h config_directory)
+    # see if anything is running chrooted.
+    NEED_CHROOT=$(awk '/^[0-9a-z]/ && ($5 ~ "[-yY]") { print "y"; exit}' ${config_dir}/master.cf)
+
+    if [ -n "$NEED_CHROOT" ] && [ -n "$SYNC_CHROOT" ]; then
+	# Make sure that the chroot environment is set up correctly.
+	oldumask=$(umask)
+	umask 022
+	queue_dir=$($POSTCONF -h queue_directory)
+	cd "$queue_dir"
+
+	# copy the CA path if specified
+	ca_path=$($POSTCONF -h smtp_tls_CApath)
+	case "$ca_path" in
+	    '') :;; # no ca_path
+	    $queue_dir/*) :;;  # skip stuff already in chroot, (and to make vim syntax happy: */)
+	    *)
+		if test -d "$ca_path"; then
+		    dest_dir="$queue_dir/${ca_path#/}"
+		    # strip any/all trailing /
+		    while [ "${dest_dir%/}" != "${dest_dir}" ]; do
+			dest_dir="${dest_dir%/}"
+		    done
+		    new=0
+		    if test -d "$dest_dir"; then
+			# write to a new directory ...
+			dest_dir="${dest_dir}.NEW"
+			new=1
+		    fi
+		    mkdir --parent ${dest_dir}
+		    # handle files in subdirectories
+		    (cd "$ca_path" && find . -name '*.pem' -print0 | cpio -0pdL --quiet "$dest_dir") 2>/dev/null ||
+		        (log_failure_msg failure copying certificates; exit 1)
+		    c_rehash "$dest_dir" >/dev/null 2>&1
+		    if [ "$new" = 1 ]; then
+			# and replace the old directory
+			rm -rf "${dest_dir%.NEW}"
+			mv "$dest_dir" "${dest_dir%.NEW}"
+		    fi
+		fi
+		;;
+	esac
+
+	# if there is a CA file, copy it
+	ca_file=$($POSTCONF -h smtp_tls_CAfile)
+	case "$ca_file" in
+	    $queue_dir/*) :;;  # skip stuff already in chroot
+	    '') # no ca_file
+		# or copy the bundle to preserve functionality
+		ca_bundle=/etc/ssl/certs/ca-certificates.crt
+		if [ -f $ca_bundle ]; then
+		    mkdir --parent "$queue_dir/${ca_bundle%/*}"
+		    cp -L "$ca_bundle" "$queue_dir/${ca_bundle%/*}"
+		fi
+		;;
+	    *)
+		if test -f "$ca_file"; then
+		    dest_dir="$queue_dir/${ca_path#/}"
+		    mkdir --parent "$dest_dir"
+		    cp -L "$ca_file" "$dest_dir"
+		fi
+		;;
+	esac
+
+	# if we're using unix:passwd.byname, then we need to add etc/passwd.
+	local_maps=$($POSTCONF -h local_recipient_maps)
+	if [ "X$local_maps" != "X${local_maps#*unix:passwd.byname}" ]; then
+	    if [ "X$local_maps" = "X${local_maps#*proxy:unix:passwd.byname}" ]; then
+		sed 's/^\([^:]*\):[^:]*/\1:x/' /etc/passwd > etc/passwd
+		chmod a+r etc/passwd
+	    fi
+	fi
+
+	FILES="etc/localtime etc/services etc/resolv.conf etc/hosts \
+	    etc/nsswitch.conf etc/nss_mdns.config"
+	for file in $FILES; do
+	    [ -d ${file%/*} ] || mkdir -p ${file%/*}
+	    if [ -f /${file} ]; then rm -f ${file} && cp /${file} ${file}; fi
+	    if [ -f  ${file} ]; then chmod a+rX ${file}; fi
+	done
+	# ldaps needs this. debian bug 572841
+	(echo /dev/random; echo /dev/urandom) | cpio -pdL --quiet . 2>/dev/null || true
+	rm -f usr/lib/zoneinfo/localtime
+	mkdir -p usr/lib/zoneinfo
+	ln -sf /etc/localtime usr/lib/zoneinfo/localtime
+
+	LIBLIST=$(for name in gcc_s nss resolv; do
+	    for f in /lib/*/lib${name}*.so* /lib/lib${name}*.so*; do
+	       if [ -f "$f" ]; then  echo ${f#/}; fi;
+	    done;
+	done)
+
+	if [ -n "$LIBLIST" ]; then
+	    for f in "$LIBLIST"; do
+		rm -f "$f"
+	    done
+	    tar cf - -C / $LIBLIST 2>/dev/null |tar xf -
+	fi
+	umask $oldumask
+    fi
+}
+configure_instance
+
+command_directory=`postconf -h command_directory`
+daemon_directory=`$command_directory/postconf -h daemon_directory`
+# make consistency check
+$command_directory/postfix check
+# run Postfix
+exec $daemon_directory/master

containers/docker/runit/postgrey/run

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/postgrey
+NAME=postgrey
+DESC="postfix greylisting daemon"
+
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Gracefully exit if the package has been removed.
+test -x $DAEMON || exit 0
+
+. /lib/lsb/init-functions
+
+# Read config file if it is present.
+if [ -r /etc/default/$NAME ]
+then
+    . /etc/default/$NAME
+fi
+
+POSTGREY_OPTS="--pidfile=$PIDFILE $POSTGREY_OPTS"
+if [ -z "$POSTGREY_TEXT" ]; then
+    POSTGREY_TEXT_OPT=""
+else
+    POSTGREY_TEXT_OPT="--greylist-text=$POSTGREY_TEXT"
+fi
+
+exec $DAEMON $POSTGREY_OPTS "$POSTGREY_TEXT_OPT"

containers/docker/runit/rsyslogd.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-rsyslogd -n

containers/docker/runit/spampd/run

@@ -0,0 +1,98 @@
+#!/bin/bash
+PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
+DESC='spam checking proxy daemon'
+NAME='spampd'
+PROGRAM=/usr/sbin/spampd
+#EXECUTABLE=`head -n 1 $PROGRAM | sed -e 's,^#![ 	]*/,/,;s,[ 	].*$,,'`
+EXECUTABLE=/usr/bin/perl
+PIDFILE=/var/run/spampd.pid
+
+if [ -f $PIDFILE ]; then
+	# If can't delete pidfile, this means process is running ...
+	rm $PIDFILE || exit 0
+fi
+
+. /lib/lsb/init-functions
+
+# set some important defaults (overridable via /etc/default/spampd)
+USERID=spampd
+GRPID=spampd
+
+if [ -f /etc/default/$NAME ]; then
+	. /etc/default/$NAME
+fi
+
+istrue () {
+    ANS=$(echo $1 | tr A-Z a-z)
+    [ "$ANS" = 'yes' -o "$ANS" = 'true' -o "$ANS" = 'enable' -o "$ANS" = '1' ]
+}
+
+#
+# find out wether to start spampd or not
+#
+istrue ${STARTSPAMPD} && STARTSPAMPD='true'
+
+#
+# Check wether the program is actually there
+#
+# return 5 as demanded by LSB 2.1 when program isn't installed.
+[  -x $PROGRAM ] || exit 5
+
+#
+# Calculate final commandline
+#
+S_TAGALL=''
+S_AWL=''
+S_LOCALONLY=''
+
+istrue "$TAGALL" \
+&& S_TAGALL='--tagall'
+
+istrue "$AUTOWHITELIST" \
+&& S_AWL='--auto-whitelist'
+
+istrue "$LOCALONLY" \
+&& S_LOCALONLY='--L'
+
+istrue "$LOGINET" \
+&& LOGTARGET="inet" \
+|| LOGTARGET="unix"
+
+ARGS="${S_LOCALONLY} ${S_AWL} ${S_TAGALL} "
+
+[ -n "${LISTENPORT}" ] && ARGS="${ARGS} --port=${LISTENPORT}"
+
+[ -n "${LISTENHOST}" ] && ARGS="${ARGS} --host=${LISTENHOST}"
+
+[ -n "${DESTPORT}" ] && ARGS="${ARGS} --relayport=${DESTPORT}"
+
+[ -n "${DESTHOST}" ] && ARGS="${ARGS} --relayhost=${DESTHOST}"
+
+[ -n "${PIDFILE}" ] && ARGS="${ARGS} --pid=${PIDFILE}"
+
+[ -n "${CHILDREN}" ] && ARGS="${ARGS} --children=${CHILDREN}"
+
+[ -n "${USERID}" ] && ARGS="${ARGS} --user=${USERID}"
+
+[ -n "${GRPID}" ] && ARGS="${ARGS} --group=${GRPID}"
+
+[ -n "${LOGTARGET}" ] && ARGS="${ARGS} --logsock=${LOGTARGET}"
+
+[ -n "${ADDOPTS}" ] && ARGS="${ARGS} ${ADDOPTS}"
+
+# Don't daemonize
+ARGS="${ARGS} --nodetach"
+
+if ! istrue "${STARTSPAMPD}"; then
+	log_warning_msg "Starting $DESC: $NAME (disabled in /etc/default/$NAME)."
+	# LSB 2.1: 6 mean unconfigured. This seems appropriate here.
+	exit 6
+fi
+log_daemon_msg "Starting $DESC" "$NAME"
+# if spampd is not installed, return 5 as demanded by LSB 2.1
+if [ ! -x $EXECUTABLE ]; then
+	log_error_msg "failed! - executable not found"
+	exit 5
+fi
+# start daemon
+exec $PROGRAM $ARGS