summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssh/openssh_7.5p1.bb
diff options
context:
space:
mode:
authorJoshua Watt <jpewhacker@gmail.com>2017-07-03 20:18:18 -0500
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-09-25 14:14:16 +0100
commitae32558a19ae3b3f175365dc0e10fa74a91e28ce (patch)
tree6f5476c59bf2c89c13100f6b2ccf6497bfcf02d2 /meta/recipes-connectivity/openssh/openssh_7.5p1.bb
parentedcf39820f94c84b29c95a0d7b16b8d36857e87b (diff)
downloadpoky-ae32558a19ae3b3f175365dc0e10fa74a91e28ce.tar.gz
openssh: Fix key generation with systemd
106b59d9 broke SSH host key generation when systemd and a read-only root file system are in use because there isn't a way for systemd to get the optional weak assigment of SYSCONFDIR from /etc/default/sshd and still provide a default value if it is not specified. Instead, move the logic for determining if keys need to be created to a helper script that both the SysV init script and the systemd unit file can reference. This does mean that the systemd unit file can't check for file existence to know if it should start the service, but it wasn't able to do that correctly anyway anymore. This should be a problem since the serivce is only run once per power cycle by systemd, and should exit quickly if the keys already exist (From OE-Core rev: 7e49c5879862253ae1b6a26535d07a2740a95798) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh_7.5p1.bb')
-rw-r--r--meta/recipes-connectivity/openssh/openssh_7.5p1.bb8
1 files changed, 8 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh_7.5p1.bb b/meta/recipes-connectivity/openssh/openssh_7.5p1.bb
index e46b4c86ad..86ca6ff372 100644
--- a/meta/recipes-connectivity/openssh/openssh_7.5p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_7.5p1.bb
@@ -27,6 +27,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
27 file://openssh-7.1p1-conditional-compile-des-in-pkcs11.patch \ 27 file://openssh-7.1p1-conditional-compile-des-in-pkcs11.patch \
28 file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ 28 file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
29 file://0001-openssh-Fix-syntax-error-on-x32.patch \ 29 file://0001-openssh-Fix-syntax-error-on-x32.patch \
30 file://sshd_check_keys \
30 " 31 "
31 32
32PAM_SRC_URI = "file://sshd" 33PAM_SRC_URI = "file://sshd"
@@ -120,7 +121,13 @@ do_install_append () {
120 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ 121 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
121 -e 's,@SBINDIR@,${sbindir},g' \ 122 -e 's,@SBINDIR@,${sbindir},g' \
122 -e 's,@BINDIR@,${bindir},g' \ 123 -e 's,@BINDIR@,${bindir},g' \
124 -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \
123 ${D}${systemd_unitdir}/system/sshd.socket ${D}${systemd_unitdir}/system/*.service 125 ${D}${systemd_unitdir}/system/sshd.socket ${D}${systemd_unitdir}/system/*.service
126
127 sed -i -e 's,@LIBEXECDIR@,${libexecdir}/${BPN},g' \
128 ${D}${sysconfdir}/init.d/sshd
129
130 install -D -m 0755 ${WORKDIR}/sshd_check_keys ${D}${libexecdir}/${BPN}/sshd_check_keys
124} 131}
125 132
126do_install_ptest () { 133do_install_ptest () {
@@ -135,6 +142,7 @@ FILES_${PN}-scp = "${bindir}/scp.${BPN}"
135FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config" 142FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config"
136FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_unitdir}/system" 143FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd ${systemd_unitdir}/system"
137FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd" 144FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config ${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd"
145FILES_${PN}-sshd += "${libexecdir}/${BPN}/sshd_check_keys"
138FILES_${PN}-sftp = "${bindir}/sftp" 146FILES_${PN}-sftp = "${bindir}/sftp"
139FILES_${PN}-sftp-server = "${libexecdir}/sftp-server" 147FILES_${PN}-sftp-server = "${libexecdir}/sftp-server"
140FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*" 148FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*"