packages: openssh/opensshd.init - merge key generation logic to one place; ...

glen glen at pld-linux.org
Sun Dec 13 19:52:34 CET 2009


Author: glen                         Date: Sun Dec 13 18:52:34 2009 GMT
Module: packages                      Tag: HEAD
---- Log message:
- merge key generation logic to one place; sync after new keys write

---- Files affected:
packages/openssh:
   opensshd.init (1.33 -> 1.34) 

---- Diffs:

================================================================
Index: packages/openssh/opensshd.init
diff -u packages/openssh/opensshd.init:1.33 packages/openssh/opensshd.init:1.34
--- packages/openssh/opensshd.init:1.33	Wed Oct 29 14:54:28 2008
+++ packages/openssh/opensshd.init	Sun Dec 13 19:52:29 2009
@@ -22,7 +22,7 @@
 # Check that networking is up.
 if is_yes "${NETWORKING}"; then
 	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
-		msg_network_down OpenSSH
+		msg_network_down "OpenSSH"
 		exit 1
 	fi
 else
@@ -41,54 +41,62 @@
 	/usr/sbin/sshd -t || exit 1
 }
 
-start() {
+ssh_gen_keys() {
 	# generate new keys with empty passwords if they do not exist
 	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
-		/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2
+		/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
 		chmod 600 /etc/ssh/ssh_host_key
-		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
+		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
 	fi
 	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
-		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2
+		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
 		chmod 600 /etc/ssh/ssh_host_rsa_key
-		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
+		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
 	fi
 	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
-		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2
+		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
 		chmod 600 /etc/ssh/ssh_host_dsa_key
-		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
+		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
+	fi
+
+	# commit files. so that sudden reboot here won't lose the data.
+	[ -x /bin/sync ] && /bin/sync
+}
+
+start() {
+	# Check if the service is already running?
+	if [ -f /var/lock/subsys/sshd ]; then
+		msg_already_running "OpenSSH"
+		return
 	fi
 
+	ssh_gen_keys
+
 	checkconfig
 
-	if [ ! -f /etc/ssh/ssh_host_key ]; then
-		msg_not_running OpenSSH
+	if [ ! -s /etc/ssh/ssh_host_key ]; then
+		msg_not_running "OpenSSH"
 		nls "No SSH host key found! You must run \"%s init\" first." "$0"
 		exit 1
 	fi
 
-	# Check if the service is already running?
-	if [ ! -f /var/lock/subsys/sshd ]; then
-		msg_starting OpenSSH
-		daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd
-		RETVAL=$?
-		adjust_oom
-		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
-	else
-		msg_already_running OpenSSH
-	fi
+	msg_starting "OpenSSH"
+	daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd
+	RETVAL=$?
+	adjust_oom
+	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
 }
 
 stop() {
 	if [ -f /var/lock/subsys/sshd ]; then
-		msg_stopping OpenSSH
+		msg_stopping "OpenSSH"
 		# we use start-stop-daemon to stop sshd, as it is unacceptable for such
 		# critical service as sshd to kill it by procname, but unfortunately
 		# rc-scripts does not provide way to kill *only* by pidfile
 		start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
 		rm -f /var/lock/subsys/sshd >/dev/null 2>&1
 	else
-		msg_not_running OpenSSH
+		msg_not_running "OpenSSH"
 	fi
 }
 
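Review bot: In `ssh_gen_keys` the exit status of every `ssh-keygen` call is discarded, so a failed or interrupted generation still falls through to `chmod` and the next key type, and the later check in `start()` only tests `-s /etc/ssh/ssh_host_key`, not the RSA or DSA files. Each call could be guarded, for example `/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2 || return 1`. With `|| :` dropped and `[ -x /bin/sync ] && /bin/sync` as the final command, the function's return status reflects whether `/bin/sync` is executable rather than whether keys were written, so an explicit `return 0` (or the saved keygen status) at the end would give callers something meaningful to test.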
@@ -114,25 +122,16 @@
 	nls "Now the SSH host key will be generated. Please note, that if you"
 	nls "will use password for the key, you will need to type it on each"
 	nls "reboot."
-	/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key
-	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || :
-	chmod 600 /etc/ssh/ssh_host_key
-	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
-	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || :
-	chmod 600 /etc/ssh/ssh_host_rsa_key
-	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
-	chmod 600 /etc/ssh/ssh_host_dsa_key
-	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || :
-	exit $?
+	ssh_gen_keys
 	;;
   reload|force-reload)
 	if [ -f /var/lock/subsys/sshd ]; then
 		checkconfig
-		msg_reloading OpenSSH
+		msg_reloading "OpenSSH"
 		killproc sshd -HUP
 		RETVAL=$?
 	else
-		msg_not_running OpenSSH
+		msg_not_running "OpenSSH"
 		exit 7
 	fi
 	;;
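Review bot: The `init` branch now calls `ssh_gen_keys`, which passes `-N ''` and skips any key file that already exists and is non-empty, yet the `nls` lines just above still tell the operator that a password chosen for the key must be typed on each reboot. After this change no passphrase prompt appears, and running `init` on a host that already has keys silently does nothing, which matters when an operator runs it expecting the host keys to be replaced. The message should say so, e.g. `nls "Missing SSH host keys will be generated with empty passphrases; existing keys are kept."`. Since `exit $?` was removed, the branch should also record the result explicitly, e.g. `ssh_gen_keys; RETVAL=$?`, assuming the script exits with `$RETVAL` as the `reload` branch suggests; the enclosing `case` starts and ends outside this hunk.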
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/openssh/opensshd.init?r1=1.33&r2=1.34&f=u


