The following changes were made:

* Corrected PrivSep home directory (/var/lib/sshd -l /var/run/sshd) * Minor cleanup of duplication in usher * Cleaned up init script
2017-05-16 18:30:53 -05:00
parent 563812345d
commit fbb00bd666
3 changed files with 40 additions and 40 deletions
--- a/2
+++ b/2
@@ -15,7 +15,7 @@ export URL = http://www.openssh.com/
 BRIEF = OpenSSH client and server
 DESC = OpenSSH is the premier connectivity tool for remote login with the \
 SSH protocol.
-SNAPVER = 5
+SNAPVER = 6

 ARCHIVE := $(PWD)/SRC/$(shell ls SRC|egrep '(bz2|gz|tar|xz)$$'|tail -1)
 TYPE := $(shell file -ib $(ARCHIVE)|cut -d';' -f1|tr -d '\n')
--- a/SNAP/sshd.init
+++ b/SNAP/sshd.init
@@ -1,9 +1,10 @@
 #!/bin/sh
-
 ### BEGIN INIT INFO
 # Provides:            sshd
 # Required-Start:      $network $syslog
 # Required-Stop:       $network $syslog
+# Should-Start:
+# Should-Stop:
 # Default-Start:       3 4 5
 # Default-Stop:        0 1 2 6
 # Short-Description:   OpenBSD Secure Shell server
@@ -12,38 +13,45 @@
 . /lib/lsb/init-functions

 DAEMON=/usr/sbin/sshd
-
-check_privsep_dir() {
-  # Create the PrivSep empty dir if necessary
-  if [ ! -d /var/run/sshd ]; then
-    mkdir /var/run/sshd
-    chmod 0755 /var/run/sshd
-  fi
-}
+PIDFILE=/var/run/sshd.pid
+PRIVSEPDIR=/var/run/sshd

 case "$1" in
  start)
-    check_privsep_dir
-    log_info_msg "Starting OpenBSD Secure Shell server"
-    $DAEMON && log_success_msg || log_failure_msg
+    log_init_msg "Starting OpenBSD Secure Shell server"
+
+    if [ ! -d "$PRIVSEPDIR" ]; then
+      mkdir "$PRIVSEPDIR" || error=1
+    fi
+
+    chmod 0755 "$PRIVSEPDIR" || error=1
+    start_daemon "$DAEMON" || error=1
+
+    [ -z "$error" ] && log_success_msg || log_failure_msg
+
+    exit $error
    ;;
  stop)
-    log_info_msg "Stopping OpenBSD Secure Shell server"
+    log_init_msg "Stopping OpenBSD Secure Shell server"

-    if ! test -f /var/run/sshd.pid; then
-      echo -n " - No sshd running"
-      log_warning_msg
+    killproc "$DAEMON" -TERM && log_success_msg || log_failure_msg
+    ;;
+  reload|restart)
+    log_init_msg "Restarting OpenBSD Secure Shell server"
+
+    killproc -p "$PIDFILE" "$DAEMON" -HUP && log_success_msg || log_failure_msg
+    ;;
+  status)
+    pid=$(pidofproc -p "$PIDFILE" "$DAEMON")
+
+    if [ "$?" -ne 0 ]; then
+      echo "OpenBSD Secure Shell server not running"
    else
-      kill -TERM $(cat /var/run/sshd.pid) && log_success_msg || log_failure_msg
+      echo "OpenBSD Secure Shell server running with PID: $pid"
    fi
    ;;
-  restart)
-    $0 stop
-    sleep 1
-    $0 start
-    ;;
  *)
-    echo "Usage: $0 [start|stop|restart]"
+    echo "Usage: $0 [start|stop|reload|restart|status]"
    exit 1
    ;;
 esac
--- a/SNAP/usher
+++ b/SNAP/usher
@@ -18,7 +18,7 @@ case $1 in
      fi
      if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then
        if chroot ${TARGET} 'useradd -c "sshd PrivSep" \
-        -d /var/lib/sshd -g sshd -s /bin/false -u 50 sshd'; then
+        -d /var/run/sshd -g sshd -s /bin/false -u 50 sshd'; then
          echo 'Created user sshd'
        else
          echo 'Failed to create user sshd!'
@@ -29,14 +29,6 @@ case $1 in
      if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then
        chroot ${TARGET} 'ssh-keygen -A'
      fi
-
-      if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then
-        cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh
-      fi
-
-      if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then
-        cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh
-      fi
    else
      if ! getent group sshd 2>&1 > /dev/null; then
        if groupadd -g 50 sshd; then
@@ -47,7 +39,7 @@ case $1 in
        fi
      fi
      if ! getent passwd sshd 2>&1 > /dev/null; then
-        if useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \
+        if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \
        -s /bin/false -u 50 sshd; then
          echo 'Created user sshd'
        else
@@ -59,14 +51,14 @@ case $1 in
      if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
        ssh-keygen -A
      fi
-
-      if [ ! -f /etc/ssh/ssh_config ]; then
-        cp /usr/share/openssh/ssh_config /etc/ssh
    fi

-      if [ ! -f /etc/ssh/sshd_config ]; then
-        cp /usr/share/openssh/sshd_config /etc/ssh
+    if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then
+      cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh
    fi
+
+    if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then
+      cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh
    fi
    ;;
  prerm)