From c840a579347ea850485fcbab0080ae7cbc0b5881 Mon Sep 17 00:00:00 2001 From: Jay Larson Date: Fri, 24 Nov 2017 11:27:56 -0600 Subject: [PATCH] Modified to support separate usher for client and server packages --- Makefile | 5 +++- SNAP/sshd.init | 10 +++++-- SNAP/usher-client | 20 ++++++++++++++ SNAP/usher-server | 66 +++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 98 insertions(+), 3 deletions(-) create mode 100755 SNAP/usher-client create mode 100755 SNAP/usher-server diff --git a/Makefile b/Makefile index d92254a..3774d10 100644 --- a/Makefile +++ b/Makefile @@ -10,12 +10,13 @@ export SRCPKG = openssh export DEPENDS = glibc,openssl,zlib +export BUILDDEPS = file,gcc,linux-libc,openssl-dev export ARCH = x86_64 export URL = http://www.openssh.com/ BRIEF = OpenSSH client and server DESC = OpenSSH is the premier connectivity tool for remote login with the \ SSH protocol. -SNAPVER = 6 +SNAPVER = 7 ARCHIVE := $(PWD)/SRC/$(shell ls SRC|egrep '(bz2|gz|tar|xz)$$'|tail -1) TYPE := $(shell file -ib $(ARCHIVE)|cut -d';' -f1|tr -d '\n') @@ -30,6 +31,7 @@ SERVER := $(PWD)/openssh-server SERVERROOT := $(SERVER)/ROOT $(SERVERROOT): $(CLIENTROOT) + cp -v $(PWD)/SNAP/usher-server $(SERVER)/SNAP/usher && \ cd $(SERVER) && make -f ../Makefile.server && mv *.snap ../ $(CLIENTROOT): $(SRCDIR)/sshd @@ -68,6 +70,7 @@ $(CLIENTROOT): $(SRCDIR)/sshd $(SERVERROOT)/usr/share/man/man5/sshd_config.5 && \ mv -v $(CLIENTROOT)/usr/share/man/man8/sftp-server.8 \ $(SERVERROOT)/usr/share/man/man8/sftp-server.8 && \ + cp -v $(PWD)/SNAP/usher-client $(CLIENT)/SNAP/usher && \ cd $(CLIENT) && make -f ../Makefile.client && mv *.snap ../ $(SRCDIR)/configure: $(ARCHIVE) diff --git a/SNAP/sshd.init b/SNAP/sshd.init index 7e9a005..2afac54 100755 --- a/SNAP/sshd.init +++ b/SNAP/sshd.init @@ -32,9 +32,15 @@ case "$1" in exit $error ;; stop) - log_init_msg "Stopping OpenBSD Secure Shell server" + pid=`pidofproc -p "$PIDFILE" "$DAEMON"` - killproc "$DAEMON" -TERM && log_success_msg || log_failure_msg + if [ -n "$pid" ]; then + log_init_msg "Stopping OpenBSD Secure Shell server" + + killproc "$DAEMON" -TERM && log_success_msg || log_failure_msg + else + log_init_msg "OpenBSD Secure Shell server not running" && log_success_msg + fi ;; reload|restart) log_init_msg "Restarting OpenBSD Secure Shell server" diff --git a/SNAP/usher-client b/SNAP/usher-client new file mode 100755 index 0000000..f7a3089 --- /dev/null +++ b/SNAP/usher-client @@ -0,0 +1,20 @@ +#!/bin/bash + +set -e + +case $1 in + preinst) + exit 0 + ;; + postinst) + if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then + cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh + fi + ;; + prerm) + exit 0 + ;; + postrm) + exit 0 + ;; +esac diff --git a/SNAP/usher-server b/SNAP/usher-server new file mode 100755 index 0000000..6520de5 --- /dev/null +++ b/SNAP/usher-server @@ -0,0 +1,66 @@ +#!/bin/bash + +set -e + +case $1 in + preinst) + exit 0 + ;; + postinst) + if [[ ${TARGET} ]]; then + if ! chroot ${TARGET} 'getent group sshd 2>&1' > /dev/null; then + if chroot ${TARGET} 'groupadd -g 50 sshd'; then + echo 'Created group sshd' + else + echo 'Failed to create group sshd!' + exit 1 + fi + fi + if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then + if chroot ${TARGET} 'useradd -c "sshd PrivSep" \ + -d /var/run/sshd -g sshd -s /bin/false -u 50 sshd'; then + echo 'Created user sshd' + else + echo 'Failed to create user sshd!' + exit 1 + fi + fi + + if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then + chroot ${TARGET} 'ssh-keygen -A' + fi + else + if ! getent group sshd 2>&1 > /dev/null; then + if groupadd -g 50 sshd; then + echo 'Created group sshd' + else + echo 'Failed to create group sshd!' + exit 1 + fi + fi + if ! getent passwd sshd 2>&1 > /dev/null; then + if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \ + -s /bin/false -u 50 sshd; then + echo 'Created user sshd' + else + echo 'Failed to create user sshd!' + exit 1 + fi + fi + + if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then + ssh-keygen -A + fi + fi + + if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then + cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh + fi + ;; + prerm) + exit 0 + ;; + postrm) + exit 0 + ;; +esac