From 5489ace8dc6637c62052009122b3acfd158f9e89 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 15 Apr 2016 15:19:02 +0200
Subject: [PATCH] Add sshd-keygen.target to abstract key creation from
sshd.service and sshd@.service (#1325535)
* PartOf is needed to trigger sshd-keygen checks for sshd.service restarts
* sshd-keygen.target makes a level of abstraction to eliminate dupplicate
dependencies on both sshd and sshd@ services
---
openssh.spec | 3 +++
sshd-keygen.target | 5 +++++
sshd-keygen@.service | 4 +++-
sshd.service | 6 ++----
sshd@.service | 4 ++--
5 files changed, 15 insertions(+), 7 deletions(-)
create mode 100644 sshd-keygen.target
diff --git a/openssh.spec b/openssh.spec
index 1a94077..89829fd 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -89,6 +89,7 @@ Source11: sshd.service
Source12: sshd-keygen@.service
Source13: sshd-keygen
Source14: sshd.tmpfiles
+Source15: sshd-keygen.target
# Internal debug
Patch0: openssh-5.9p1-wIm.patch
@@ -649,6 +650,7 @@ install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service
install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket
install -m644 %{SOURCE11} $RPM_BUILD_ROOT/%{_unitdir}/sshd.service
install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/sshd-keygen@.service
+install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/sshd-keygen.target
install -m744 %{SOURCE13} $RPM_BUILD_ROOT/%{_libexecdir}/openssh/sshd-keygen
install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT%{_bindir}/
install contrib/ssh-copy-id.1 $RPM_BUILD_ROOT%{_mandir}/man1/
@@ -770,6 +772,7 @@ getent passwd sshd >/dev/null || \
%attr(0644,root,root) %{_unitdir}/sshd@.service
%attr(0644,root,root) %{_unitdir}/sshd.socket
%attr(0644,root,root) %{_unitdir}/sshd-keygen@.service
+%attr(0644,root,root) %{_unitdir}/sshd-keygen.target
%attr(0644,root,root) %{_tmpfilesdir}/openssh.conf
%endif
diff --git a/sshd-keygen.target b/sshd-keygen.target
new file mode 100644
index 0000000..9efb4e2
--- /dev/null
+++ b/sshd-keygen.target
@@ -0,0 +1,5 @@
+[Unit]
+Wants=sshd-keygen@rsa.service
+Wants=sshd-keygen@ecdsa.service
+Wants=sshd-keygen@ed25519.service
+PartOf=sshd.service
diff --git a/sshd-keygen@.service b/sshd-keygen@.service
index 7a7a8f8..f27f729 100644
--- a/sshd-keygen@.service
+++ b/sshd-keygen@.service
@@ -1,9 +1,11 @@
[Unit]
Description=OpenSSH %i Server Key Generation
ConditionFileNotEmpty=|!/etc/ssh/ssh_host_%i_key
-Before=sshd.service
[Service]
Type=oneshot
EnvironmentFile=-/etc/sysconfig/sshd
ExecStart=/usr/libexec/openssh/sshd-keygen %i
+
+[Install]
+WantedBy=sshd-keygen.target
diff --git a/sshd.service b/sshd.service
index c882eef..fe0f4a6 100644
--- a/sshd.service
+++ b/sshd.service
@@ -1,10 +1,8 @@
[Unit]
Description=OpenSSH server daemon
Documentation=man:sshd(8) man:sshd_config(5)
-After=network.target sshd-keygen.service
-Wants=sshd-keygen@rsa.service
-Wants=sshd-keygen@ecdsa.service
-Wants=sshd-keygen@ed25519.service
+After=network.target sshd-keygen.target
+Wants=sshd-keygen.target
[Service]
Type=forking
diff --git a/sshd@.service b/sshd@.service
index 9fed0db..196c555 100644
--- a/sshd@.service
+++ b/sshd@.service
@@ -1,8 +1,8 @@
[Unit]
Description=OpenSSH per-connection server daemon
Documentation=man:sshd(8) man:sshd_config(5)
-Wants=sshd-keygen.service
-After=sshd-keygen.service
+Wants=sshd-keygen.target
+After=sshd-keygen.target
[Service]
EnvironmentFile=-/etc/sysconfig/sshd