#!/bin/sh
### BEGIN INIT INFO
-# Provides: sshd
-# Required-Start: $network $local_fs $remote_fs
-# Required-Stop:
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: OpenBSD Secure Shell server
+# Provides: sshd
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 1
+# Short-Description: OpenBSD Secure Shell server
### END INIT INFO
-# Notice: this file has been adjusted by the grml team so
-# the script supports key-generation for ssh as well
+# Notice: this file has been adjusted by the Grml team so
+# the script supports key-generation for ssh
set -e
test -x /usr/sbin/sshd || exit 0
( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
+export SSHD_OOM_ADJUST=-17
if test -f /etc/default/ssh; then
. /etc/default/ssh
fi
+# Are we in a virtual environment that doesn't support modifying
+# /proc/self/oom_adj?
+if grep -q 'envID:.*[1-9]' /proc/self/status; then
+ unset SSHD_OOM_ADJUST
+fi
+
. /lib/lsb/init-functions
+if [ -n "$2" ]; then
+ SSHD_OPTS="$SSHD_OPTS $2"
+fi
+
# Configurable options:
KEYGEN=/usr/bin/ssh-keygen
RSA1_KEY=/etc/ssh/ssh_host_key
check_for_no_start() {
# forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
- if [ -e /etc/ssh/sshd_not_to_be_run ]; then
- if [ "$1" = log_end_msg ]; then
- log_end_msg 0
- fi
- if ! run_by_init; then
- log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)"
- fi
- exit 0
+ if [ -e /etc/ssh/sshd_not_to_be_run ]; then
+ if [ "$1" = log_end_msg ]; then
+ log_end_msg 0
+ fi
+ if ! run_by_init; then
+ log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)"
+ fi
+ exit 0
fi
}
check_dev_null() {
if [ ! -c /dev/null ]; then
- if [ "$1" = log_end_msg ]; then
- log_end_msg 1 || true
- fi
- if ! run_by_init; then
- log_action_msg "/dev/null is not a character device!"
- fi
- exit 1
+ if [ "$1" = log_end_msg ]; then
+ log_end_msg 1 || true
+ fi
+ if ! run_by_init; then
+ log_action_msg "/dev/null is not a character device!"
+ fi
+ exit 1
fi
}
check_privsep_dir() {
# Create the PrivSep empty dir if necessary
if [ ! -d /var/run/sshd ]; then
- mkdir /var/run/sshd
- chmod 0755 /var/run/sshd
+ mkdir /var/run/sshd
+ chmod 0755 /var/run/sshd
fi
}
check_config() {
if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then
- /usr/sbin/sshd -t || exit 1
+ /usr/sbin/sshd -t || exit 1
fi
}
case "$1" in
start)
- check_for_no_start
- check_dev_null
- if ! test -f $RSA1_KEY ; then
- echo "Generating SSH1 RSA host key..."
- $KEYGEN -t rsa1 -f $RSA1_KEY -C '' -N '' || exit 1
- fi
- if ! test -f $RSA_KEY ; then
- echo "Generating SSH RSA host key..."
- $KEYGEN -t rsa -f $RSA_KEY -C '' -N '' || exit 1
- fi
- if ! test -f $DSA_KEY ; then
- echo "Generating SSH2 DSA host key..."
- $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1
- fi
- log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd"
- check_privsep_dir
- if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
- log_end_msg 0
- else
- log_end_msg 1
- fi
- ;;
+ check_privsep_dir
+ check_for_no_start
+ check_dev_null
+
+ if ! test -f $RSA1_KEY ; then
+ log_action_msg "Generating SSH1 RSA host key..."
+ $KEYGEN -t rsa1 -f $RSA1_KEY -C '' -N '' || exit 1
+ fi
+
+ if ! test -f $RSA_KEY ; then
+ log_action_msg "Generating SSH RSA host key..."
+ $KEYGEN -t rsa -f $RSA_KEY -C '' -N '' || exit 1
+ fi
+
+ if ! test -f $DSA_KEY ; then
+ log_action_msg "Generating SSH2 DSA host key..."
+ $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1
+ fi
+
+ log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd"
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
stop)
- log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd"
- if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then
- log_end_msg 0
- else
- log_end_msg 1
- fi
- ;;
+ log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd"
+ if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
reload|force-reload)
- check_for_no_start
- check_config
- log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd"
- if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then
- log_end_msg 0
- else
- log_end_msg 1
- fi
- ;;
+ check_for_no_start
+ check_config
+ log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd"
+ if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
restart)
- check_privsep_dir
- check_config
- log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd"
- start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid
- check_for_no_start log_end_msg
- check_dev_null log_end_msg
- if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
- log_end_msg 0
- else
- log_end_msg 1
- fi
- ;;
+ check_privsep_dir
+ check_config
+ log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd"
+ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid
+ check_for_no_start log_end_msg
+ check_dev_null log_end_msg
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
try-restart)
- check_privsep_dir
- check_config
- log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd"
- set +e
- start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid
- RET="$?"
- set -e
- case $RET in
- 0)
- # old daemon stopped
- check_for_no_start log_end_msg
- check_dev_null log_end_msg
- if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
- log_end_msg 0
- else
- log_end_msg 1
- fi
- ;;
- 1)
- # daemon not running
- log_progress_msg "(not running)"
- log_end_msg 0
- ;;
- *)
- # failed to stop
- log_progress_msg "(failed to stop)"
- log_end_msg 1
- ;;
- esac
- ;;
+ check_privsep_dir
+ check_config
+ log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd"
+ set +e
+ start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid
+ RET="$?"
+ set -e
+ case $RET in
+ 0)
+ # old daemon stopped
+ check_for_no_start log_end_msg
+ check_dev_null log_end_msg
+ if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ 1)
+ # daemon not running
+ log_progress_msg "(not running)"
+ log_end_msg 0
+ ;;
+ *)
+ # failed to stop
+ log_progress_msg "(failed to stop)"
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+
+ status)
+ status_of_proc -p /var/run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $?
+ ;;
*)
- log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart}"
- exit 1
+ log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}"
+ exit 1
esac
exit 0
projects / grml-etc.git / commitdiff