mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-28 04:52:07 +00:00
73b42d2bb0
[contrib/redhat/sshd.init openbsd-compat/Makefile.in] [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c] [openbsd-compat/port-linux.h] Add support for SELinux, setting the execution and TTY contexts. based on patch from Daniel Walsh, bz #880; ok dtucker@
164 lines
2.8 KiB
Bash
Executable File
164 lines
2.8 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# Init file for OpenSSH server daemon
|
|
#
|
|
# chkconfig: 2345 55 25
|
|
# description: OpenSSH server daemon
|
|
#
|
|
# processname: sshd
|
|
# config: /etc/ssh/ssh_host_key
|
|
# config: /etc/ssh/ssh_host_key.pub
|
|
# config: /etc/ssh/ssh_random_seed
|
|
# config: /etc/ssh/sshd_config
|
|
# pidfile: /var/run/sshd.pid
|
|
|
|
# source function library
|
|
. /etc/rc.d/init.d/functions
|
|
|
|
# pull in sysconfig settings
|
|
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
|
|
|
|
RETVAL=0
|
|
prog="sshd"
|
|
|
|
# Some functions to make the below more readable
|
|
KEYGEN=/usr/bin/ssh-keygen
|
|
SSHD=/usr/sbin/sshd
|
|
RSA1_KEY=/etc/ssh/ssh_host_key
|
|
RSA_KEY=/etc/ssh/ssh_host_rsa_key
|
|
DSA_KEY=/etc/ssh/ssh_host_dsa_key
|
|
PID_FILE=/var/run/sshd.pid
|
|
|
|
do_rsa1_keygen() {
|
|
if [ ! -s $RSA1_KEY ]; then
|
|
echo -n $"Generating SSH1 RSA host key: "
|
|
if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
|
|
chmod 600 $RSA1_KEY
|
|
chmod 644 $RSA1_KEY.pub
|
|
if [ -x /sbin/restorecon ]; then
|
|
/sbin/restorecon $RSA1_KEY.pub
|
|
fi
|
|
success $"RSA1 key generation"
|
|
echo
|
|
else
|
|
failure $"RSA1 key generation"
|
|
echo
|
|
exit 1
|
|
fi
|
|
fi
|
|
}
|
|
|
|
do_rsa_keygen() {
|
|
if [ ! -s $RSA_KEY ]; then
|
|
echo -n $"Generating SSH2 RSA host key: "
|
|
if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
|
|
chmod 600 $RSA_KEY
|
|
chmod 644 $RSA_KEY.pub
|
|
if [ -x /sbin/restorecon ]; then
|
|
/sbin/restorecon $RSA_KEY.pub
|
|
fi
|
|
success $"RSA key generation"
|
|
echo
|
|
else
|
|
failure $"RSA key generation"
|
|
echo
|
|
exit 1
|
|
fi
|
|
fi
|
|
}
|
|
|
|
do_dsa_keygen() {
|
|
if [ ! -s $DSA_KEY ]; then
|
|
echo -n $"Generating SSH2 DSA host key: "
|
|
if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
|
|
chmod 600 $DSA_KEY
|
|
chmod 644 $DSA_KEY.pub
|
|
if [ -x /sbin/restorecon ]; then
|
|
/sbin/restorecon $DSA_KEY.pub
|
|
fi
|
|
success $"DSA key generation"
|
|
echo
|
|
else
|
|
failure $"DSA key generation"
|
|
echo
|
|
exit 1
|
|
fi
|
|
fi
|
|
}
|
|
|
|
do_restart_sanity_check()
|
|
{
|
|
$SSHD -t
|
|
RETVAL=$?
|
|
if [ ! "$RETVAL" = 0 ]; then
|
|
failure $"Configuration file or keys are invalid"
|
|
echo
|
|
fi
|
|
}
|
|
|
|
start()
|
|
{
|
|
# Create keys if necessary
|
|
do_rsa1_keygen
|
|
do_rsa_keygen
|
|
do_dsa_keygen
|
|
|
|
echo -n $"Starting $prog:"
|
|
initlog -c "$SSHD $OPTIONS" && success || failure
|
|
RETVAL=$?
|
|
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd
|
|
echo
|
|
}
|
|
|
|
stop()
|
|
{
|
|
echo -n $"Stopping $prog:"
|
|
killproc $SSHD -TERM
|
|
RETVAL=$?
|
|
[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd
|
|
echo
|
|
}
|
|
|
|
reload()
|
|
{
|
|
echo -n $"Reloading $prog:"
|
|
killproc $SSHD -HUP
|
|
RETVAL=$?
|
|
echo
|
|
}
|
|
|
|
case "$1" in
|
|
start)
|
|
start
|
|
;;
|
|
stop)
|
|
stop
|
|
;;
|
|
restart)
|
|
stop
|
|
start
|
|
;;
|
|
reload)
|
|
reload
|
|
;;
|
|
condrestart)
|
|
if [ -f /var/lock/subsys/sshd ] ; then
|
|
do_restart_sanity_check
|
|
if [ "$RETVAL" = 0 ] ; then
|
|
stop
|
|
# avoid race
|
|
sleep 3
|
|
start
|
|
fi
|
|
fi
|
|
;;
|
|
status)
|
|
status $SSHD
|
|
RETVAL=$?
|
|
;;
|
|
*)
|
|
echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
|
|
RETVAL=1
|
|
esac
|
|
exit $RETVAL
|