The following changes were made:

* Added shadow as dependency (for useradd and groupadd) * Removed old usher script * Modified client and server usher to not use chroot
2017-11-26 13:34:08 -06:00
parent a5b7bc71d0
commit ad3ba89a0c
5 changed files with 24 additions and 118 deletions
--- a/SNAP/usher-server
+++ b/SNAP/usher-server
@@ -7,54 +7,30 @@ case $1 in
    exit 0
    ;;
  postinst)
-    if [[ ${TARGET} ]]; then
-      if ! chroot ${TARGET} 'getent group sshd 2>&1' > /dev/null; then
-        if chroot ${TARGET} 'groupadd -g 50 sshd'; then
-          echo 'Created group sshd'
-        else
-          echo 'Failed to create group sshd!'
-          exit 1
-        fi
+    if ! getent group sshd 2>&1 > /dev/null; then
+      if groupadd -g 50 sshd; then
+        echo 'Created group sshd'
+      else
+        echo 'Failed to create group sshd!'
+        exit 1
      fi
-      if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then
-        if chroot ${TARGET} 'useradd -c "sshd PrivSep" \
-        -d /var/run/sshd -g sshd -s /bin/false -u 50 sshd'; then
-          echo 'Created user sshd'
-        else
-          echo 'Failed to create user sshd!'
-          exit 1
-        fi
-      fi
-
-      if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then
-        chroot ${TARGET} 'ssh-keygen -A'
-      fi
-    else
-      if ! getent group sshd 2>&1 > /dev/null; then
-        if groupadd -g 50 sshd; then
-          echo 'Created group sshd'
-        else
-          echo 'Failed to create group sshd!'
-          exit 1
-        fi
-      fi
-      if ! getent passwd sshd 2>&1 > /dev/null; then
-        if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \
-        -s /bin/false -u 50 sshd; then
-          echo 'Created user sshd'
-        else
-          echo 'Failed to create user sshd!'
-          exit 1
-        fi
-      fi
-
-      if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
-        ssh-keygen -A
+    fi
+    if ! getent passwd sshd 2>&1 > /dev/null; then
+      if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \
+      -s /bin/false -u 50 sshd; then
+        echo 'Created user sshd'
+      else
+        echo 'Failed to create user sshd!'
+        exit 1
      fi
    fi

-    if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then
-      cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh
+    if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+      ssh-keygen -A
+    fi
+
+    if [ ! -f /etc/ssh/sshd_config ]; then
+      cp /usr/share/openssh/sshd_config /etc/ssh
    fi
    ;;
  prerm)