Solved Error after Modifying an rc.d Script for Step-CA

[SomePoorBastard]

I'm running the FreeBSD ports package of SmallStep (security/step-certificates) and want to make it easier to toggle "debugging" information in the log output. The step-ca executable needs an Environment Variable called STEPDEBUG set to 1 for it to output this information (Configuring `step-ca` - Environment Variables).

So I thought I'd try my hand and see how well I'd do modifying the rc.d shell script included with the package (step_ca.in) to implement this functionality. The idea is to set a variable in the rc.conf.d/step_ca configuration file such as step_ca_debug_mode and use a number to represent this mode.

The parts I've modified are:

Spoiler: 1. Adding to the initial description

# step_ca_debug_mode (str):            Set to 0 by default.
#                                Set to 1 to enable extra diagnostic information for debugging.

Spoiler: 2. Adding the debug flag check and insertion into the environment that the step-ca command runs in.

name="step_ca"
desc="SmallStep Certificate Authority Service"
rcvar="step_ca_enable"

load_rc_config $name

: ${step_ca_enable:="NO"}
: ${step_ca_user:="step"}
: ${step_ca_group:="step"}
: ${step_ca_stepdir:="/usr/local/etc/step"}
: ${step_ca_steppath:="${step_ca_stepdir}/ca"}
: ${step_ca_password:="${step_ca_stepdir}/password.txt"}
: ${step_ca_debug_mode:=0}

if [ step_ca_debug_mode -eq 0 ]; then
    echo "Debugging is off (0)"
elif [ step_ca_debug_mode -eq 1 ]; then
    echo "Debugging is on (1)"
else
    echo "Invalid debugging mode set: (${step_ca_debug_mode})"
    echo "Debugging will be set to off (0)"
    step_ca_debug_mode:="0"
fi

: ${step_ca_env:="STEPPATH=${step_ca_steppath} STEPDEBUG=${step_ca_debug_mode}"}

pidfile="/var/run/${name}.pid"
step_ca_command="/usr/local/sbin/step-ca"
step_ca_config="\
    ${step_ca_steppath}/config/ca.json \
    --password-file ${step_ca_password}"

command="/usr/sbin/daemon"
command_args="-S -c \
        -P $pidfile \
        -t $name \
        -T $name \
        $step_ca_command $step_ca_config"

start_precmd=step_ca_startprecmd
start_postcmd=step_ca_postcmd

Evidently I've misunderstood how these shell variables are being interpreted. It appears the shell variable isn't being recognized or picked up when making the comparisons. Does anyone know what I've missed when adding this variable?

root@ca-prod:/usr/local/etc/rc.d # service step_ca status
[: step_ca_debug_mode: bad number
[: step_ca_debug_mode: bad number
Invalid debugging mode set: (0)
Debugging will be set to off (0)
/usr/local/etc/rc.d/step_ca: step_ca_debug_mode:=0: not found
step_ca is not running.

 

[SomePoorBastard]

I don't know if this is a convention with rc.d scripts, but adding the `$` character to the variable names in the if statements where step_ca_debug_mode is checked resolved the issue. I've tested and confirmed the script works as expected when I made the change above.