Gentoo's Bugzilla – Attachment 763444 Details for Bug 831762
net-misc/openssh: Modify OpenRC init script to enable control of SSH HostKey algorithm generation
sshd-r3.initd v2
sshd-r3.initd (text/plain), 3.53 KB, created by Joshua Kinard on 2022-01-24 00:56:24 UTC
>#!/sbin/openrc-run
># Copyright 1999-2022 Gentoo Authors
># Distributed under the terms of the GNU General Public License v2
>
>extra_commands="checkconfig"
>extra_started_commands="reload"
>
>: ${SSHD_CONFDIR:=${RC_PREFIX%/}/etc/ssh}
>: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
>: ${SSHD_PIDFILE:=${RC_PREFIX%/}/run/${SVCNAME}.pid}
>: ${SSHD_BINARY:=${RC_PREFIX%/}/usr/sbin/sshd}
>: ${SSHD_KEYGEN_BINARY:=${RC_PREFIX%/}/usr/bin/ssh-keygen}
>: ${SSHD_HOSTKEY_TYPES=""}
>
>command="${SSHD_BINARY}"
>pidfile="${SSHD_PIDFILE}"
>command_args="${SSHD_OPTS} -o PidFile=${pidfile} -f ${SSHD_CONFIG}"
>
># Wait one second (length chosen arbitrarily) to see if sshd actually
># creates a PID file, or if it crashes for some reason like not being
># able to bind to the address in ListenAddress (bug 617596).
>: ${SSHD_SSD_OPTS:=--wait 1000}
>start_stop_daemon_args="${SSHD_SSD_OPTS}"
>
>depend() {
>	# Entropy can be used by ssh-keygen, among other things, but
>	# is not strictly required (bug 470020).
>	use logger dns entropy
>	if [ "${rc_need+set}" = "set" ] ; then
>		: # Do nothing, the user has explicitly set rc_need
>	else
>		local x warn_addr
>		for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
>			case "${x}" in
>				0.0.0.0|0.0.0.0:*) ;;
>				::|\[::\]*) ;;
>				*) warn_addr="${warn_addr} ${x}" ;;
>			esac
>		done
>		if [ -n "${warn_addr}" ] ; then
>			need net
>			ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
>			ewarn "You must add rc_need=\"net.FOO\" to your ${RC_PREFIX%/}/etc/conf.d/sshd"
>			ewarn "where FOO is the interface(s) providing the following address(es):"
>			ewarn "${warn_addr}"
>		fi
>	fi
>}
>
>checkconfig() {
>	checkpath --mode 0755 --directory "${RC_PREFIX%/}/var/empty"
>
>	# Check for sshd_config.
>	if [ ! -e "${SSHD_CONFIG}" ] ; then
>		eerror "You need an ${SSHD_CONFIG} file to run sshd"
>		eerror "There is a sample file in /usr/share/doc/openssh"
>		return 1
>	fi
>
>	# HostKey generation.
>	if [ -z "${SSHD_HOSTKEY_TYPES}" ] ; then
>		${SSHD_KEYGEN_BINARY} -A || return 2
>	else
>		local hkey_type
>		for hkey_type in ${SSHD_HOSTKEY_TYPES}; do
>			local hkey_file="${SSHD_CONFDIR}/ssh_host_${hkey_type}_key"
>			[ -f "${hkey_file}" ] && continue
>
>			${SSHD_KEYGEN_BINARY} -t "${hkey_type}" \
>				-f "${hkey_file}" -N '' || return 2
>		done
>	fi
>
>	# Check sshd config file syntax
>	"${command}" -t ${command_args} || return 3
>}
>
>start_pre() {
>	# Make sure that the user's config isn't busted before we try
>	# to start the daemon (this will produce better error messages
>	# than if we just try to start it blindly).
>	#
>	# We always need to call checkconfig because this function will
>	# also generate any missing host key and you can start a
>	# non-running service with "restart" argument.
>	checkconfig || return $?
>}
>
>stop_pre() {
>	if [ "${RC_CMD}" = "restart" ] ; then
>		# If this is a restart, check to make sure the user's config
>		# isn't busted before we stop the running daemon.
>		checkconfig || return $?
>	elif yesno "${RC_GOINGDOWN}" && [ -s "${pidfile}" ] && hash pgrep 2>/dev/null ; then
>		# Disconnect any clients before killing the master process
>		local pid=$(cat "${pidfile}" 2>/dev/null)
>		if [ -n "${pid}" ] ; then
>			local ssh_session_pattern='sshd: \S.*@pts/[0-9]+'
>
>			IFS="${IFS}@"
>			local daemon pid pty user
>			pgrep -a -P ${pid} -f "$ssh_session_pattern" | while read pid daemon user pty ; do
>				ewarn "Found ${daemon%:} session ${pid} on ${pty}; sending SIGTERM ..."
>				kill "${pid}" || true
>			done
>		fi
>	fi
>}
>
>reload() {
>	checkconfig || return $?
>	ebegin "Reloading ${SVCNAME}"
>	start-stop-daemon --signal HUP --pidfile "${pidfile}"
>	eend $?
>}
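
The HostKey generation branch above only creates keys that are missing; it never removes key files of other types, and sshd loads keys from its default HostKey paths (rsa, ecdsa, ed25519) when sshd_config has no HostKey line. The following added example, which is not part of the attachment or of the Gentoo init script, lists key files left in the directory whose type is not in SSHD_HOSTKEY_TYPES. The function name unlisted_hostkeys and the sample directory are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not part of the attachment. unlisted_hostkeys and its
# arguments are names made up for this sketch.
#
# unlisted_hostkeys CONFDIR "TYPE [TYPE...]"
# Prints every CONFDIR/ssh_host_<type>_key whose <type> is not in the list.
# Exit status: 0 if nothing was printed, 1 otherwise.
unlisted_hostkeys() (
	confdir=$1
	# Empty list: the init script falls back to "ssh-keygen -A", so every
	# key type is wanted and nothing counts as unlisted.
	[ -n "$2" ] || exit 0
	# Normalise whitespace to " a b c " for whole-word matching.
	allowed=" $(printf '%s ' $2)"
	status=0
	for key in "${confdir}"/ssh_host_*_key; do
		[ -f "${key}" ] || continue        # unmatched glob stays literal
		ktype=${key##*/ssh_host_}
		ktype=${ktype%_key}
		case "${allowed}" in
			*" ${ktype} "*) ;;
			*) printf '%s\n' "${key}"; status=1 ;;
		esac
	done
	exit "${status}"
)

# Constructed sample directory standing in for ${SSHD_CONFDIR}.
demo_dir=$(mktemp -d)
for f in ssh_host_dsa_key ssh_host_rsa_key ssh_host_ed25519_key \
	ssh_host_ed25519_key.pub; do
	: > "${demo_dir}/${f}"
done
SSHD_HOSTKEY_TYPES="ed25519"
unlisted_hostkeys "${demo_dir}" "${SSHD_HOSTKEY_TYPES}" ||
	echo "the keys listed above exist but are not in SSHD_HOSTKEY_TYPES" >&2
rm -rf "${demo_dir}"
```

Any path it prints is a key sshd may still offer unless the file is removed or sshd_config names the wanted HostKey files explicitly.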