Added openssh-client as dependency for openssh-server (ssh-keygen)

* Corrected PrivSep home directory (/var/lib/sshd -l /var/run/sshd)
  * Minor cleanup of duplication in usher
  * Cleaned up init script

Makefile

@@ -10,12 +10,13 @@
 
 export SRCPKG = openssh
 export DEPENDS = glibc,openssl,zlib
+export BUILDDEPS = file,gcc,linux-libc,openssl-dev
 export ARCH = x86_64
 export URL = http://www.openssh.com/
 BRIEF = OpenSSH client and server
 DESC = OpenSSH is the premier connectivity tool for remote login with the \
 SSH protocol.
-SNAPVER = 5
+SNAPVER = 8
 
 ARCHIVE := $(PWD)/SRC/$(shell ls SRC|egrep '(bz2|gz|tar|xz)$$'|tail -1)
 TYPE := $(shell file -ib $(ARCHIVE)|cut -d';' -f1|tr -d '\n')
@@ -30,6 +31,7 @@ SERVER := $(PWD)/openssh-server
 SERVERROOT := $(SERVER)/ROOT
 
 $(SERVERROOT): $(CLIENTROOT)
+	cp -v $(PWD)/SNAP/usher-server $(SERVER)/SNAP/usher && \
 	cd $(SERVER) && make -f ../Makefile.server && mv *.snap ../
 
 $(CLIENTROOT): $(SRCDIR)/sshd
@@ -68,6 +70,7 @@ $(CLIENTROOT): $(SRCDIR)/sshd
 		$(SERVERROOT)/usr/share/man/man5/sshd_config.5 && \
 	mv -v $(CLIENTROOT)/usr/share/man/man8/sftp-server.8 \
 		$(SERVERROOT)/usr/share/man/man8/sftp-server.8 && \
+	cp -v $(PWD)/SNAP/usher-client $(CLIENT)/SNAP/usher && \
 	cd $(CLIENT) && make -f ../Makefile.client && mv *.snap ../
 
 $(SRCDIR)/configure: $(ARCHIVE)

Makefile.server

@@ -8,6 +8,7 @@
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 
+DEPENDS = glibc,openssh-client,openssl,zlib
 BRIEF = OpenSSH server
 DESC = The OpenSSH server allows remote users to access the system securely
                                                                                 

SNAP/sshd.init

@@ -1,9 +1,10 @@
 #!/bin/sh
-
 ### BEGIN INIT INFO
 # Provides:            sshd
 # Required-Start:      $network $syslog
 # Required-Stop:       $network $syslog
+# Should-Start:
+# Should-Stop:
 # Default-Start:       3 4 5
 # Default-Stop:        0 1 2 6
 # Short-Description:   OpenBSD Secure Shell server
@@ -12,38 +13,51 @@
 . /lib/lsb/init-functions
 
 DAEMON=/usr/sbin/sshd
-
+PIDFILE=/var/run/sshd.pid
-check_privsep_dir() {
+PRIVSEPDIR=/var/run/sshd
-  # Create the PrivSep empty dir if necessary
-  if [ ! -d /var/run/sshd ]; then
-    mkdir /var/run/sshd
-    chmod 0755 /var/run/sshd
-  fi
-}
 
 case "$1" in
   start)
-    check_privsep_dir
+    log_init_msg "Starting OpenBSD Secure Shell server"
-    log_info_msg "Starting OpenBSD Secure Shell server"
+
-    $DAEMON && log_success_msg || log_failure_msg
+    if [ ! -d "$PRIVSEPDIR" ]; then
+      mkdir "$PRIVSEPDIR" || error=1
+    fi
+
+    chmod 0755 "$PRIVSEPDIR" || error=1
+    start_daemon "$DAEMON" || error=1
+
+    [ -z "$error" ] && log_success_msg || log_failure_msg
+
+    exit $error
     ;;
   stop)
-    log_info_msg "Stopping OpenBSD Secure Shell server"
+    pid=`pidofproc -p "$PIDFILE" "$DAEMON"`
 
-    if ! test -f /var/run/sshd.pid; then
+    if [ -n "$pid" ]; then
-      echo -n " - No sshd running"
+      log_init_msg "Stopping OpenBSD Secure Shell server"
-      log_warning_msg
+
+      killproc "$DAEMON" -TERM && log_success_msg || log_failure_msg
     else
-      kill -TERM $(cat /var/run/sshd.pid) && log_success_msg || log_failure_msg
+      log_init_msg "OpenBSD Secure Shell server not running" && log_success_msg
     fi
     ;;
-  restart)
+  reload|restart)
-    $0 stop
+    log_init_msg "Restarting OpenBSD Secure Shell server"
-    sleep 1
+
-    $0 start
+    killproc -p "$PIDFILE" "$DAEMON" -HUP && log_success_msg || log_failure_msg
+    ;;
+  status)
+    pid=$(pidofproc -p "$PIDFILE" "$DAEMON")
+
+    if [ "$?" -ne 0 ]; then
+      echo "OpenBSD Secure Shell server not running"
+    else
+      echo "OpenBSD Secure Shell server running with PID: $pid"
+    fi
     ;;
   *)
-    echo "Usage: $0 [start|stop|restart]"
+    echo "Usage: $0 [start|stop|reload|restart|status]"
     exit 1
     ;;
 esac

SNAP/usher

@@ -18,7 +18,7 @@ case $1 in
       fi
       if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then
         if chroot ${TARGET} 'useradd -c "sshd PrivSep" \
-        -d /var/lib/sshd -g sshd -s /bin/false -u 50 sshd'; then
+        -d /var/run/sshd -g sshd -s /bin/false -u 50 sshd'; then
           echo 'Created user sshd'
         else
           echo 'Failed to create user sshd!'
@@ -29,14 +29,6 @@ case $1 in
       if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then
         chroot ${TARGET} 'ssh-keygen -A'
       fi
-
-      if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then
-        cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh
-      fi
-
-      if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then
-        cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh
-      fi
     else
       if ! getent group sshd 2>&1 > /dev/null; then
         if groupadd -g 50 sshd; then
@@ -47,7 +39,7 @@ case $1 in
         fi
       fi
       if ! getent passwd sshd 2>&1 > /dev/null; then
-        if useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd \
+        if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \
         -s /bin/false -u 50 sshd; then
           echo 'Created user sshd'
         else
@@ -59,14 +51,14 @@ case $1 in
       if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
         ssh-keygen -A
       fi
-
-      if [ ! -f /etc/ssh/ssh_config ]; then
-        cp /usr/share/openssh/ssh_config /etc/ssh
     fi
 
-      if [ ! -f /etc/ssh/sshd_config ]; then
+    if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then
-        cp /usr/share/openssh/sshd_config /etc/ssh
+      cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh
     fi
+
+    if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then
+      cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh
     fi
     ;;
   prerm)

SNAP/usher-client

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -e
+
+case $1 in
+  preinst)
+    exit 0
+    ;;
+  postinst)
+    if [ ! -f ${TARGET}/etc/ssh/ssh_config ]; then
+      cp ${TARGET}/usr/share/openssh/ssh_config ${TARGET}/etc/ssh
+    fi
+    ;;
+  prerm)
+    exit 0
+    ;;
+  postrm)
+    exit 0
+    ;;
+esac

SNAP/usher-server

@@ -0,0 +1,66 @@
+#!/bin/bash
+
+set -e
+
+case $1 in
+  preinst)
+    exit 0
+    ;;
+  postinst)
+    if [[ ${TARGET} ]]; then
+      if ! chroot ${TARGET} 'getent group sshd 2>&1' > /dev/null; then
+        if chroot ${TARGET} 'groupadd -g 50 sshd'; then
+          echo 'Created group sshd'
+        else
+          echo 'Failed to create group sshd!'
+          exit 1
+        fi
+      fi
+      if ! chroot ${TARGET} 'getent passwd sshd 2>&1 > /dev/null'; then
+        if chroot ${TARGET} 'useradd -c "sshd PrivSep" \
+        -d /var/run/sshd -g sshd -s /bin/false -u 50 sshd'; then
+          echo 'Created user sshd'
+        else
+          echo 'Failed to create user sshd!'
+          exit 1
+        fi
+      fi
+
+      if [ ! -f ${TARGET}/etc/ssh/ssh_host_rsa_key ]; then
+        chroot ${TARGET} 'ssh-keygen -A'
+      fi
+    else
+      if ! getent group sshd 2>&1 > /dev/null; then
+        if groupadd -g 50 sshd; then
+          echo 'Created group sshd'
+        else
+          echo 'Failed to create group sshd!'
+          exit 1
+        fi
+      fi
+      if ! getent passwd sshd 2>&1 > /dev/null; then
+        if useradd -c 'sshd PrivSep' -d /var/run/sshd -g sshd \
+        -s /bin/false -u 50 sshd; then
+          echo 'Created user sshd'
+        else
+          echo 'Failed to create user sshd!'
+          exit 1
+        fi
+      fi
+
+      if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+        ssh-keygen -A
+      fi
+    fi
+
+    if [ ! -f ${TARGET}/etc/ssh/sshd_config ]; then
+      cp ${TARGET}/usr/share/openssh/sshd_config ${TARGET}/etc/ssh
+    fi
+    ;;
+  prerm)
+    exit 0
+    ;;
+  postrm)
+    exit 0
+    ;;
+esac