From fbb00bd666d075d56d420de4ab05a86c41681d96 Mon Sep 17 00:00:00 2001 From: Jay Larson Date: Tue, 16 May 2017 18:30:53 -0500 Subject: [PATCH] The following changes were made: * Corrected PrivSep home directory (/var/lib/sshd -l /var/run/sshd) * Minor cleanup of duplication in usher * Cleaned up init script --- Makefile | 2 +- SNAP/sshd.init | 54 +++++++++++++++++++++++++++++--------------------- SNAP/usher | 24 ++++++++-------------- 3 files changed, 40 insertions(+), 40 deletions(-) diff --git a/Makefile b/Makefile index ad84317..d92254a 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ export URL = http://www.openssh.com/ BRIEF = OpenSSH client and server DESC = OpenSSH is the premier connectivity tool for remote login with the \ SSH protocol. -SNAPVER = 5 +SNAPVER = 6 ARCHIVE := $(PWD)/SRC/$(shell ls SRC|egrep '(bz2|gz|tar|xz)$$'|tail -1) TYPE := $(shell file -ib $(ARCHIVE)|cut -d';' -f1|tr -d '\n') diff --git a/SNAP/sshd.init b/SNAP/sshd.init index 7b808a3..7e9a005 100755 --- a/SNAP/sshd.init +++ b/SNAP/sshd.init @@ -1,9 +1,10 @@ #!/bin/sh - ### BEGIN INIT INFO # Provides: sshd # Required-Start: $network $syslog # Required-Stop: $network $syslog +# Should-Start: +# Should-Stop: # Default-Start: 3 4 5 # Default-Stop: 0 1 2 6 # Short-Description: OpenBSD Secure Shell server 
@@ -12,38 +13,45 @@ . /lib/lsb/init-functions DAEMON=/usr/sbin/sshd - -check_privsep_dir() { - # Create the PrivSep empty dir if necessary - if [ ! -d /var/run/sshd ]; then - mkdir /var/run/sshd - chmod 0755 /var/run/sshd - fi -} +PIDFILE=/var/run/sshd.pid +PRIVSEPDIR=/var/run/sshd case "$1" in start) - check_privsep_dir - log_info_msg "Starting OpenBSD Secure Shell server" - $DAEMON && log_success_msg || log_failure_msg + log_init_msg "Starting OpenBSD Secure Shell server" + + if [ ! -d "$PRIVSEPDIR" ]; then + mkdir "$PRIVSEPDIR" || error=1 + fi + + chmod 0755 "$PRIVSEPDIR" || error=1 + start_daemon "$DAEMON" || error=1 + + [ -z "$error" ] && log_success_msg || log_failure_msg + + exit $error ;; stop) - log_info_msg "Stopping OpenBSD Secure Shell server" + log_init_msg "Stopping OpenBSD Secure Shell server" - if ! test -f /var/run/sshd.pid; then - echo -n " - No sshd running" - log_warning_msg + killproc "$DAEMON" -TERM && log_success_msg || log_failure_msg + ;; + reload|restart) + log_init_msg "Restarting OpenBSD Secure Shell server" + + killproc -p "$PIDFILE" "$DAEMON" -HUP && log_success_msg || log_failure_msg + ;; + status) + pid=$(pidofproc -p "$PIDFILE" "$DAEMON") + + if [ "$?" -ne 0 ]; then + echo "OpenBSD Secure Shell server not running" else - kill -TERM $(cat /var/run/sshd.pid) && log_success_msg || log_failure_msg + echo "OpenBSD Secure Shell server running with PID: $pid" fi ;; - restart) - $0 stop - sleep 1 - $0 start - ;; *) - echo "Usage: $0 [start|stop|restart]" + echo "Usage: $0 [start|stop|reload|restart|status]" exit 1 ;; esac diff --git a/SNAP/usher b/SNAP/usher index d67e2b0..b38b878 100755 --- a/SNAP/usher +++ b/SNAP/usher 
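Review bot: The new `stop)` arm calls `killproc "$DAEMON" -TERM` without `-p "$PIDFILE"`, although `reload|restart)` and `status)` both pass the pidfile. Depending on how this system's `/lib/lsb/init-functions` resolves a daemon when no pidfile is given, it may fall back to matching by process name. That would also signal the per-connection sshd children and drop live sessions, whereas the removed code only signalled the PID recorded in `/var/run/sshd.pid`. I would make it `killproc -p "$PIDFILE" "$DAEMON" -TERM`. Separately, `error` is never initialised in `start)`, so a value inherited from the caller's environment makes the script log a failure and reach `exit $error` with it; adding `error=` ahead of the `case` closes that.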
@@ -18,7 +18,7 @@ case $1 in fi if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then if chroot ${TARGET} 'useradd -c "sshd PrivSep" \ - -d /var/lib/sshd -g sshd -s /bin/false -u 50 sshd'; then + -d /var/run/sshd -g sshd -s /bin/false -u 50 sshd'; then echo 'Created user sshd' else echo 'Failed to create user sshd!' @@ -29,14 +29,6 @@ case $1 in if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then chroot ${TARGET} 'ssh-keygen -A' fi - - if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then - cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh - fi - - if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then - cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh - fi else if ! getent group sshd 2>&1 > /dev/null; then if groupadd -g 50 sshd; then @@ -47,7 +39,7 @@ case $1 in fi fi if ! getent passwd sshd 2>&1 > /dev/null; then - if useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \ + if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \ -s /bin/false -u 50 sshd; then echo 'Created user sshd' else @@ -59,14 +51,14 @@ case $1 in if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then ssh-keygen -A fi + fi - if [ ! -f /etc/ssh/ssh_config ]; then - cp /usr/share/openssh/ssh_config /etc/ssh - fi + if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then + cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh + fi - if [ ! -f /etc/ssh/sshd_config ]; then - cp /usr/share/openssh/sshd_config /etc/ssh - fi + if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then + cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh fi ;; prerm)
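Review bot: The corrected home directory only reaches new installs, because both `useradd` calls (this hunk and the one at `@@ -47,7 +39,7 @@`) sit behind `if ! getent passwd sshd`. A system upgraded from SNAPVER 5 therefore keeps an sshd account whose home is still `/var/lib/sshd`. If the PrivSep account is meant to match the directory the init script now prepares, the existing-account path needs something like `usermod -d /var/run/sshd sshd` (run through `chroot ${TARGET}` in the first branch). The enclosing `if` blocks start and end outside these hunks, so whether usher handles upgrades elsewhere is not visible here.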
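Review bot: In `@@ -59,14 +51,14 @@` the relocated config-seeding block expands `${TARGET}` unquoted in both `[ ! -f … ]` tests and both `cp` calls, so a target path containing whitespace or glob characters splits into several words. Quoting each expansion, e.g. `cp "${TARGET}/usr/share/openssh/sshd_config" "${TARGET}/etc/ssh"`, avoids that. The block now serves both branches, which appears to rely on `TARGET` being empty for a live install. A one-line comment such as `# TARGET is empty outside a chroot install, so these paths resolve under /` would make that dependency explicit. The branch condition itself lies outside the hunk.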