Hi,
as title.

my /etc/rc.d/init.d/sslh
contains this code:

PIDFILE="/home/MYUSERNAME/sslh"

start() {
        echo -n "Starting SSL-SSH-Switch: "
        if [ -f $PIDFILE ]; then
                PID=`cat $PIDFILE`
                echo sslh already running: $PID
                exit 2;
        else
                daemon --user MYUSERNAME $SSLH $OPTIONS
                RETVAL=$?
                echo
                [ $RETVAL -eq 0 ] && touch $PIDFILE
                ip rule add fwmark 0x1 lookup 100;
                ip route add local 0.0.0.0/0 dev lo table 100;
                return $RETVAL
        fi

}

stop() {
        echo -n "Shutting down SSL-SSH-Switch: "
        echo
        killproc sslh
        rm -f $PIDFILE
        ip rule del fwmark 0x1 lookup 100;
        ip route del local 0.0.0.0/0 dev lo table 100;
        return 0
}

case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        status sslh
        ;;
    restart)
        stop
        start
        ;;
    *)
        echo "Usage:  {start|stop|status|restart}"
        exit 1
        ;;
esac
exit $?

if I run the
service sslh start
from a command line the PID file is correctly created,
if I run
service sslh stop
from a command line the PID file is correctly deleted.

If I reboot while the service is started, the PID file is not deleted, this means that at the next
boot the service doesn't start because it thinks that it is already started.

I don't know if the stop() method is called on reboot,
I don't see any "Shutting down SSL-SSH-Switch: " message on reboot.

Any idea on what is the problem and a possible solution to it?

Thanks.

man chkconfig

man chkconfig says that vance does not know the solution and posts here just to spam a little

I solved by creating and deleting lockfile in the start stop method.

lockfile=/var/lock/subsys/sslh

start() {
        echo -n "Starting SSL-SSH-Switch: "
        if [ -f $PIDFILE ]; then
                PID=`cat $PIDFILE`
                echo sslh already running: $PID
                exit 2;
        else
                daemon --user MYUSERNAME $SSLH $OPTIONS
                RETVAL=$?
                echo
                [ $RETVAL -eq 0 ] && touch $PIDFILE
                [ $RETVAL -eq 0 ] && touch $lockfile
                ip rule add fwmark 0x1 lookup 100;
                ip route add local 0.0.0.0/0 dev lo table 100;
                return $RETVAL
        fi

}

stop() {
        echo -n "Shutting down SSL-SSH-Switch: "
        echo
        killproc sslh
        rm -f $PIDFILE
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f $lockfile
        ip rule del fwmark 0x1 lookup 100;
        ip route del local 0.0.0.0/0 dev lo table 100;
        return 0
}

what I don't understand is why the default init.d script bundled with the rpm does not write
the lockfile.

You're using the old sysvinit system (which is fine) but you're doing several things incorrectly. For full details, see:

/usr/share/doc/initscripts-XXXX/sysvinitfiles

(where XXXX is the version of the package on your system)

Most important for your problem is the location of the pid and lock files. These need to be stored in /var/run and /var/lock. If the program has dropped privileges before setting these, then you should create subdirectories owned by your package in those directories.

/etc/rc.d/rc.sysinit is invoked at boot time and removes all files from /var/run and /var/lock once the disk has been checked and remounted writable, but before your start script is invoked.

You should flesh out the top of your script with the comments recommended for an initscript. The chkconfig utility uses these comments to correctly enable and disable your service. Once you've done that, use chkconfig to add your service to those started at boot time, and then you'll see it appear in the shutdown and startup list.

Can you argument more on the "several things" that I'm doing incorrectly?
I write the lockfile in the correct path:
/var/lock/subsys/sslh

but I cannot write the pidfile to /var/run since there is commands executed as a normal user and normal user can't write in that folder, so can't use /var/run folder for pidfile.

here the start() stop()

SSLH="/usr/sbin/sslh"
PIDFILE="/home/userhome/sslh"
lockfile=/var/lock/subsys/sslh


if [ -f /etc/sysconfig/sslh ]; then
        . /etc/sysconfig/sslh
fi

start() {
        echo -n "Starting SSL-SSH-Switch: "
        if [ -f $PIDFILE ]; then
                PID=`cat $PIDFILE`
                echo sslh already running: $PID
                exit 2;
        else
                daemon --user dpsoftware $SSLH $OPTIONS
                RETVAL=$?
                echo
                [ $RETVAL -eq 0 ] && touch $PIDFILE
                [ $RETVAL -eq 0 ] && touch $lockfile
                ip rule add fwmark 0x1 lookup 100;
                ip route add local 0.0.0.0/0 dev lo table 100;
                return $RETVAL
        fi

}

stop() {
        echo -n "Shutting down SSL-SSH-Switch: "
        echo
        killproc sslh
        rm -f $PIDFILE
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f $lockfile
        ip rule del fwmark 0x1 lookup 100;
        ip route del local 0.0.0.0/0 dev lo table 100;
        return 0
}

What else I'm doing wrong?

When you run as non-root, you need to create a subdirectory in /var/run at package installation time that's owned by your user. So your installer should mkdir /var/run/sslh owned by dpsoftware and put the pid file in that directory.

Take a look at other init scripts and you should see the comment block you should add at the top of the script. The RHEL scripts that manage initscripts look for these comments to decide what to do.

I'd include a status command to see if the service is running. Take a look at other scripts to see how that might work. If the package can change configuration while running, you should include a reload command to reload its config.

It is not clear. I haven't created the package and I don't want to edit it.