From 8fb1f40dfe1d67d2ffe888a824da6d06f9fe467b Mon Sep 17 00:00:00 2001
From: Michael Prokop
Date: Thu, 9 Aug 2007 18:41:45 +0200
Subject: [PATCH] Update /etc/init.d/ssh
---
 debian/changelog | 6 ++
 etc/init.d/ssh | 184 +++++++++++++++++++++++++++++++++++++++++++------------
 2 files changed, 150 insertions(+), 40 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 287b957..d416254 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+grml-etc (1.0.15) unstable; urgency=low
+
+ * Update /etc/init.d/ssh according to changes in Debian's original file.
+
+ -- Michael Prokop Thu, 9 Aug 2007 18:41:27 +0200
+
 grml-etc (1.0.14) unstable; urgency=low
 
 * /etc/runlevel.conf.hdinstall + /etc/runlevel.conf.livecd:
diff --git a/etc/init.d/ssh b/etc/init.d/ssh
index 6b4127b..96c7b3e 100755
--- a/etc/init.d/ssh
+++ b/etc/init.d/ssh
@@ -1,70 +1,174 @@ #!/bin/sh -# Filename: /etc/init.d/ssh -# Purpose: start and stop the OpenBSD "secure shell(tm)" daemon including keyeneration -# Authors: grml-team (grml.org), (c) Michael Prokop -# Bug-Reports: see http://grml.org/bugs/ -# License: This file is licensed under the GPL v2. -# Latest change: Mon Jul 11 01:26:29 CEST 2005 [mika] -################################################################################ + +### BEGIN INIT INFO +# Provides: sshd +# Required-Start: $network $local_fs $remote_fs +# Required-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: OpenBSD Secure Shell server +### END INIT INFO + +# Notice: this file has been adjusted by the grml team so +# the script supports key-generation for ssh as well + +set -e + +# /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon test -x /usr/sbin/sshd || exit 0 ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 -# forget it if we're trying to start, and /etc/ssh/NOSERVER exists -if expr "$1" : '.*start$' >/dev/null && [ -e /etc/ssh/NOSERVER ]; then - echo "Not starting OpenBSD Secure Shell server (/etc/ssh/NOSERVER)" - exit 0 +if test -f /etc/default/ssh; then + . /etc/default/ssh fi +. /lib/lsb/init-functions + # Configurable options: KEYGEN=/usr/bin/ssh-keygen RSA1_KEY=/etc/ssh/ssh_host_key RSA_KEY=/etc/ssh/ssh_host_rsa_key DSA_KEY=/etc/ssh/ssh_host_dsa_key -case "$1" in - start) - test -f /etc/ssh/sshd_not_to_be_run && exit 0 - if ! test -f $RSA1_KEY ; then - echo "Generating SSH1 RSA host key..." - $KEYGEN -t rsa1 -f $RSA1_KEY -C '' -N '' || exit 1 +# Are we running from init? +run_by_init() { + ([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ] +} + +check_for_no_start() { + # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists + if [ -e /etc/ssh/sshd_not_to_be_run ]; then + if [ "$1" = log_end_msg ]; then + log_end_msg 0 + fi + if ! 
run_by_init; then + log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" + fi + exit 0 fi - if ! test -f $RSA_KEY ; then - echo "Generating SSH RSA host key..." - $KEYGEN -t rsa -f $RSA_KEY -C '' -N '' || exit 1 +} + +check_dev_null() { + if [ ! -c /dev/null ]; then + if [ "$1" = log_end_msg ]; then + log_end_msg 1 || true + fi + if ! run_by_init; then + log_action_msg "/dev/null is not a character device!" + fi + exit 1 fi - if ! test -f $DSA_KEY ; then - echo "Generating SSH2 DSA host key..." - $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1 +} + +check_privsep_dir() { + # Create the PrivSep empty dir if necessary + if [ ! -d /var/run/sshd ]; then + mkdir /var/run/sshd + chmod 0755 /var/run/sshd + fi +} + +check_config() { + if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then + /usr/sbin/sshd -t || exit 1 fi - echo -n "Starting OpenBSD Secure Shell server: sshd" - start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd - echo "." +} + +export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" + +case "$1" in + start) + check_for_no_start + check_dev_null + if ! test -f $RSA1_KEY ; then + echo "Generating SSH1 RSA host key..." + $KEYGEN -t rsa1 -f $RSA1_KEY -C '' -N '' || exit 1 + fi + if ! test -f $RSA_KEY ; then + echo "Generating SSH RSA host key..." + $KEYGEN -t rsa -f $RSA_KEY -C '' -N '' || exit 1 + fi + if ! test -f $DSA_KEY ; then + echo "Generating SSH2 DSA host key..." + $KEYGEN -t dsa -f $DSA_KEY -C '' -N '' || exit 1 + fi + log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" + check_privsep_dir + if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then + log_end_msg 0 + else + log_end_msg 1 + fi ;; stop) - echo -n "Stopping OpenBSD Secure Shell server: sshd" - start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd - echo "." 
+ log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" + if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then + log_end_msg 0 + else + log_end_msg 1 + fi ;; reload|force-reload) - test -f /etc/ssh/sshd_not_to_be_run && exit 0 - echo -n "Reloading OpenBSD Secure Shell server's configuration" - start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd - echo "." + check_for_no_start + check_config + log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" + if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then + log_end_msg 0 + else + log_end_msg 1 + fi ;; restart) - test -f /etc/ssh/sshd_not_to_be_run && exit 0 - echo -n "Restarting OpenBSD Secure Shell server: sshd" - start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd - sleep 10 - start-stop-daemon --start --quiet --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd - echo "." + check_privsep_dir + check_config + log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" + start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid + check_for_no_start log_end_msg + check_dev_null log_end_msg + if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then + log_end_msg 0 + else + log_end_msg 1 + fi + ;; + + try-restart) + check_privsep_dir + check_config + log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" + set +e + start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid + RET="$?" 
+ set -e + case $RET in + 0) + # old daemon stopped + check_for_no_start log_end_msg + check_dev_null log_end_msg + if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then + log_end_msg 0 + else + log_end_msg 1 + fi + ;; + 1) + # daemon not running + log_progress_msg "(not running)" + log_end_msg 0 + ;; + *) + # failed to stop + log_progress_msg "(failed to stop)" + log_end_msg 1 + ;; + esac ;; *) - echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart}" + log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart}" exit 1 esac -- 2.1.4
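Review bot: Host-key generation runs only in the `start)` branch, while `restart)` and `try-restart)` call `check_config` (`/usr/sbin/sshd -t || exit 1`) and then start the daemon without it. On a system where the keys do not exist yet, for example a live image on which `start` was never run, `sshd -t` will presumably reject the missing host keys, so the script exits 1 before any key is created. Moving the three `if ! test -f …` blocks into one helper and calling it ahead of `check_config` keeps the grml key-generation behaviour the same on every path that launches sshd; the helper is also a natural place to quote `"$KEYGEN"` and the key paths. Separately, the `rsa1` and `dsa` key types carried over here are weak by current standards, and because each keygen call ends in `|| exit 1`, a keygen that rejects one of those types would block sshd from starting at all.

```shell
# Generate any host key that does not exist yet (grml addition).
generate_host_keys() {
    if ! test -f "$RSA1_KEY"; then
        echo "Generating SSH1 RSA host key..."
        "$KEYGEN" -t rsa1 -f "$RSA1_KEY" -C '' -N '' || exit 1
    fi
    # … unchanged: the same test/keygen pair for $RSA_KEY (rsa) and $DSA_KEY (dsa) …
}

  start)
    # … unchanged: check_for_no_start, check_dev_null …
    generate_host_keys
    # … unchanged: log_daemon_msg, check_privsep_dir, start-stop-daemon --start …

  restart)
    check_privsep_dir
    generate_host_keys
    check_config
    # … unchanged: stop with --retry 30, checks, start-stop-daemon --start …

  try-restart)
    check_privsep_dir
    generate_host_keys
    check_config
    # … unchanged: stop, case $RET …
```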