I've cleaned up Pekka Savola's newly revised sshd.init and additional
sshd-functions and modified them to work they way i've been arguing
they should work.
Compatibility functions are defined in ./contrib/redhat/sshd-functions,
which should get installed no matter what release of Red Hat Linux
OpenSSH is getting built for, to be consistent across releases.
Specific changes from Pekka's scripts:
- Look for .../init.d/functions and .../init.d/sshd-functions in
both /etc/init.d/ and /etc/rc.d/init.d/.
- Added LOCKFILE variable for /var/lock/subsys/sshd, so that all
pathnames (except for stuff in .../init.d/) are referred to via
shell variables.
- Changed '>&/dev/null' syntax to '&>/dev/null'
as recommended in
bash-1.14.x and bash-2.x man pages.
- Renamed all functions defined in sshd.init to begin with 'sshd_'
prefix, so that it's obvious to the casual onlooker when we're
calling a function that we define vs. one defined by Red Hat.
- Use '"${variable_name}"' rather than simply
'$variable_name' when
referring to shell variables. It's the only way to consistently
prevent errors caused by spaces in variable values and other
similar mistakes caused by assumptions.
- Fixed several minor errors (e.g., some strings were missing
$"...").
The specfile is also modified to remove the dependency on
initscripts>=4.16, and to install the new sshd-functions file.
I've attached the modifications as diffs against openssh-SNAP-20010218,
so that it's easy for Damien to see what's changed.
Much credit goes to Pekka Savola for the work toward cleaning up,
reorganizing, and improving the script.
--
jim knoble | jmknoble at jmknoble.cx | http://www.jmknoble.cx/
-------------- next part --------------
--- ./openssh-SNAP-20010218/contrib/redhat/sshd.init.orig-init Mon Nov 13
06:57:27 2000
+++ ./openssh-SNAP-20010218/contrib/redhat/sshd.init Sun Feb 18 02:58:26 2001
@@ -1,5 +1,5 @@
#!/bin/bash
-
+#
# Init file for OpenSSH server daemon
#
# chkconfig: 2345 55 25
@@ -13,105 +13,139 @@
# pidfile: /var/run/sshd.pid
# source function library
-. /etc/rc.d/init.d/functions
+# If the file exists, but is not readable, it's an error.
+# Likewise, if the fallback file doesn't exist, it's an error.
+if [ -f /etc/init.d/sshd-functions ]; then
+ . /etc/init.d/functions
+else
+ . /etc/rc.d/init.d/functions
+fi
+if [ $? -ne 0 ]; then
+ exit 1
+fi
+
+# Define compatibility functions used in this init script
+# If the file exists, but is not readable, it's an error.
+# Likewise, if the fallback file doesn't exist, it's an error.
+if [ -f /etc/init.d/sshd-functions ]; then
+ . /etc/init.d/sshd-functions
+else
+ . /etc/rc.d/init.d/sshd-functions
+fi
+if [ $? -ne 0 ]; then
+ exit 1
+fi
RETVAL=0
-# Some functions to make the below more readable
+PROG="sshd"
+SSHD=/usr/sbin/sshd
KEYGEN=/usr/bin/ssh-keygen
RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
PID_FILE=/var/run/sshd.pid
-do_rsa1_keygen() {
- if ! test -f $RSA1_KEY ; then
- echo -n "Generating SSH1 RSA host key: "
- if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N ''
>&/dev/null; then
- success "RSA1 key generation"
+LOCKFILE=/var/lock/subsys/sshd
+
+# Define some functions to make the below more readable
+sshd_do_rsa1_keygen() {
+ if [ ! -s "${RSA1_KEY}" ]; then
+ echo -n $(localized $"Generating SSH1 RSA host key: ")
+ if "${KEYGEN}" -q -t rsa1 -f "${RSA1_KEY}" -C ''
-N '' \
+ &>/dev/null
+ then
+ my_success $"RSA1 key generation"
echo
else
- failure "RSA1 key generation"
+ my_failure $"RSA1 key generation"
echo
exit 1
fi
fi
}
-do_rsa_keygen() {
- if ! test -f $RSA_KEY ; then
- echo -n "Generating SSH2 RSA host key: "
- if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N ''
>&/dev/null; then
- success "RSA key generation"
+
+sshd_do_rsa_keygen() {
+ if [ ! -s "${RSA_KEY}" ]; then
+ echo -n $(localized $"Generating SSH2 RSA host key: ")
+ if "${KEYGEN}" -q -t rsa -f "${RSA_KEY}" -C '' -N
'' \
+ &>/dev/null
+ then
+ my_success $"RSA key generation"
echo
else
- failure "RSA key generation"
+ my_failure $"RSA key generation"
echo
exit 1
fi
fi
}
-do_dsa_keygen() {
- if ! test -f $DSA_KEY ; then
- echo -n "Generating SSH2 DSA host key: "
- if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N ''
>&/dev/null; then
- success "DSA key generation"
+
+sshd_do_dsa_keygen() {
+ if [ ! -s "${DSA_KEY}" ]; then
+ echo -n $(localized $"Generating SSH2 DSA host key: ")
+ if "${KEYGEN}" -q -t dsa -f "${DSA_KEY}" -C '' -N
'' \
+ &>/dev/null
+ then
+ my_success $"DSA key generation"
echo
else
- failure "DSA key generation"
+ my_failure $"DSA key generation"
echo
exit 1
fi
fi
}
+sshd_start()
+{
+ # Create keys if necessary
+ sshd_do_rsa1_keygen
+ sshd_do_rsa_keygen
+ sshd_do_dsa_keygen
+
+ my_action $"Starting ${PROG}: " $"${PROG}" $""
"${SSHD}"
+ RETVAL=$?
+ [ "${RETVAL}" = 0 ] && touch "${LOCKFILE}"
+}
+
+sshd_stop()
+{
+ echo -n $(localized $"Stopping ${PROG}: ")
+ killproc "${SSHD}"
+ RETVAL=$?
+ echo
+ [ "${RETVAL}" = 0 ] && rm -f "${LOCKFILE}"
+}
+
case "$1" in
start)
- # Create keys if necessary
- do_rsa1_keygen;
- do_rsa_keygen;
- do_dsa_keygen;
-
- echo -n "Starting sshd: "
- if [ ! -f $PID_FILE ] ; then
- sshd
- RETVAL=$?
- if [ "$RETVAL" = "0" ] ; then
- success "sshd startup"
- touch /var/lock/subsys/sshd
- else
- failure "sshd startup"
- fi
- fi
- echo
+ sshd_start
;;
stop)
- echo -n "Shutting down sshd: "
- if [ -f $PID_FILE ] ; then
- killproc sshd
- RETVAL=$?
- [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd
- fi
- echo
+ sshd_stop
;;
restart)
- $0 stop
- $0 start
+ sshd_stop
+ sshd_start
+ ;;
+ reload)
+ echo -n $(localized $"Reloading ${PROG}: ")
+ killproc "${SSHD}" -HUP
RETVAL=$?
+ echo
;;
condrestart)
- if [ -f /var/lock/subsys/sshd ] ; then
- $0 stop
- $0 start
- RETVAL=$?
+ if [ -f "${LOCKFILE}" ] ; then
+ sshd_stop
+ sshd_start
fi
;;
status)
- status sshd
+ status "${SSHD}"
RETVAL=$?
;;
*)
- echo "Usage: sshd {start|stop|restart|status|condrestart}"
- exit 1
- ;;
+ echo $(localized $"Usage: $0
{start|stop|restart|reload|condrestart|status}")
+ RETVAL=1
esac
-
-exit $RETVAL
+exit ${RETVAL}
--- ./openssh-SNAP-20010218/contrib/redhat/sshd-functions.orig-init Sun Feb 18
02:57:56 2001
+++ ./openssh-SNAP-20010218/contrib/redhat/sshd-functions Sun Feb 18 02:58:32
2001
@@ -0,0 +1,97 @@
+#!/bin/bash
+#
+# Compability functions for sshd initscript
+# Parts of my_action() are derived from Red Hat Linux 6.x initscripts.
+
+# Handle arguments localized using $"..." construct, if that
construct
+# is not available in this version of bash.
+localized() {
+ case "${BASH_VERSION}" in
+ 1.*)
+ # Remove leading '$' character.
+ echo "${@#$}"
+ ;;
+ *)
+ echo "$@"
+ ;;
+ esac
+}
+
+# Indicate success, using success() function if available;
+# otherwise, use method compatible with initscripts < 4.0
+# (Red Hat Linux <= 5.2).
+# PARAMETERS:
+# $1 => message to pass to success()
+# $2 => message to display in compatibility mode, if different
+# from default of "done"
+my_success() {
+ local msg
+ if [ $# -gt 1 ]; then
+ msg="$2"
+ else
+ msg="done"
+ fi
+ case "$(type -type success)" in
+ function)
+ success "$(localized "$1")"
+ ;;
+ *)
+ echo -n "$(localized "${msg}")"
+ ;;
+ esac
+}
+
+# Indicate failure, using failure() function if available;
+# otherwise, use method compatible with initscripts < 4.0
+# (Red Hat Linux <= 5.2).
+# PARAMETERS:
+# $1 => message to pass to failure()
+# $2 => message to display in compatibility mode, if different
+# from default of "FAILED"
+my_failure() {
+ local msg
+ if [ $# -gt 1 ]; then
+ msg="$2"
+ else
+ msg="FAILED"
+ fi
+ case "$(type -type failure)" in
+ function)
+ failure "$(localized "$1")"
+ ;;
+ *)
+ echo -n "$(localized "${msg}")"
+ ;;
+ esac
+}
+
+# Perform an action, using the action() function (which logs output)
+# if available. If unavailable, perform the action and indicate
+# success or failure appropriately.
+# PARAMETERS:
+# $1 => message to display and log in action(), or to display
+# while performing action in compatibility mode
+# $2 => message to display on success in compatibility mode
+# $3 => message to display on failure in compatibility mode
+my_action() {
+ local status
+ local msg="$(localized "$1")"
+ local success_msg="$(localized "$2")"
+ local failure_msg="$(localized "$3")"
+ shift 3
+ case "$(type -type action)" in
+ function)
+ action "${msg}" "$@"
+ status=$?
+ ;;
+ *)
+ echo -n "${msg}"
+ "$@" && my_success "${msg}"
"${success_msg}" \
+ || my_failure "${msg}" "${failure_msg}"
+ status=$?
+ echo
+ ;;
+ esac
+ return ${status}
+}
+
--- ./openssh-SNAP-20010218/contrib/redhat/openssh.spec.orig-init Wed Feb 14
23:33:17 2001
+++ ./openssh-SNAP-20010218/contrib/redhat/openssh.spec Sun Feb 18 03:03:24 2001
@@ -57,7 +57,6 @@
Group: System Environment/Daemons
Obsoletes: ssh-server
PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9
-Requires: initscripts >= 4.16
%package askpass
Summary: OpenSSH X11 passphrase dialog
@@ -195,6 +194,7 @@
install -m644 contrib/redhat/sshd.pam-7.x $RPM_BUILD_ROOT/etc/pam.d/sshd
%endif
install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
+install -m644 contrib/redhat/sshd-functions
$RPM_BUILD_ROOT/etc/rc.d/init.d/sshd-functions
%if ! %{no_x11_askpass}
install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass
$RPM_BUILD_ROOT/usr/libexec/openssh/x11-ssh-askpass
@@ -261,6 +261,7 @@
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
+%attr(0644,root,root) %config /etc/rc.d/init.d/sshd-functions
%if ! %{no_x11_askpass}
%files askpass
@@ -279,6 +280,9 @@
%endif
%changelog
+* Sun Feb 18 2001 Jim Knoble <jmknoble at jmknoble.cx>
+- Added compatibility functions for sshd initscript in sshd-functions.
+- Removed dependency on initscripts >= 4.16.
* Mon Oct 18 2000 Damien Miller <djm at mindrot.org>
- Merge some of Nalin Dahyabhai <nalin at redhat.com> changes from the
Redhat 7.0 spec file
Jim Knoble
2001-Feb-18 09:26 UTC
Fix: PATCH: Round 2: RH initscripts backward compatibility
Circa 2001-Feb-18 03:26:03 -0500 dixit Jim Knoble:
: I've cleaned up Pekka Savola's newly revised sshd.init and additional
: sshd-functions and modified them to work they way i've been arguing
: they should work.
:
: Compatibility functions are defined in ./contrib/redhat/sshd-functions,
: which should get installed no matter what release of Red Hat Linux
: OpenSSH is getting built for, to be consistent across releases.
There's a problem in the localized() function in
./contrib/redhat/sshd-functions (contained in the patch i submitted
earlier), where trailing whitespace disappears under bash-1.14.x.
The attached patch, applied after the earlier one, fixes the problem.
--
jim knoble | jmknoble at jmknoble.cx | http://www.jmknoble.cx/
-------------- next part --------------
--- ./openssh-SNAP-20010218/contrib/redhat/sshd-functions.orig-localfix Sun Feb
18 02:58:32 2001
+++ ./openssh-SNAP-20010218/contrib/redhat/sshd-functions Sun Feb 18 04:18:10
2001
@@ -3,16 +3,18 @@
# Compability functions for sshd initscript
# Parts of my_action() are derived from Red Hat Linux 6.x initscripts.
-# Handle arguments localized using $"..." construct, if that
construct
+# Handle argument localized using $"..." construct, if that construct
# is not available in this version of bash.
+# PARAMETERS:
+# $1 => string possibly containing leading '$' to remove
localized() {
case "${BASH_VERSION}" in
1.*)
# Remove leading '$' character.
- echo "${@#$}"
+ echo "${1#$}"
;;
*)
- echo "$@"
+ echo "$1"
;;
esac
}
On Sun, 18 Feb 2001, Jim Knoble wrote:> - Fixed several minor errors (e.g., some strings were missing $"...").: : + echo -n $(localized $"Generating SSH1 RSA host key: ") [among other lines] If this can't be done in an RH-compatible fashion, I think this should be reverted to the old form 'echo -n "Generating SSH1 RSA host key: " for clarity && maintainibility, removing all localization. It's not like there's any i18n work going on with OpenSSH at the moment ;-) -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
On Sun, Feb 18, 2001 at 03:26:03AM -0500, Jim Knoble wrote:> +if [ -f /etc/init.d/sshd-functions ]; then > + . /etc/init.d/functions > +else > + . /etc/rc.d/init.d/functions > +fiSo you check for the existence of sshd-functions, but you source functions? (I have not seen the whole init file just this patch, so maybe this is correct) Mate