Add systemd stuff to keep track of service
This commit is contained in:
parent
140ef5a0f5
commit
4e7cdec7ef
@ -1,24 +0,0 @@
|
|||||||
diff -up openssh-7.4p1/misc.c.daemon openssh-7.4p1/misc.c
|
|
||||||
--- openssh-7.4p1/misc.c.daemon 2017-02-03 13:08:14.751282516 +0100
|
|
||||||
+++ openssh-7.4p1/misc.c 2017-02-03 13:08:14.778282474 +0100
|
|
||||||
@@ -1273,6 +1273,9 @@ daemonized(void)
|
|
||||||
return 0; /* parent is not init */
|
|
||||||
if (getsid(0) != getpid())
|
|
||||||
return 0; /* not session leader */
|
|
||||||
+ if (getenv("_SSH_DAEMONIZED") == NULL)
|
|
||||||
+ return 0; /* already reexeced */
|
|
||||||
+
|
|
||||||
debug3("already daemonized");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
diff -up openssh-7.4p1/sshd.c.daemon openssh-7.4p1/sshd.c
|
|
||||||
--- openssh-7.4p1/sshd.c.daemon 2017-02-03 13:08:14.755282510 +0100
|
|
||||||
+++ openssh-7.4p1/sshd.c 2017-02-03 13:09:29.765164356 +0100
|
|
||||||
@@ -1866,6 +1866,7 @@ main(int ac, char **av)
|
|
||||||
if (daemon(0, 0) < 0)
|
|
||||||
fatal("daemon() failed: %.200s", strerror(errno));
|
|
||||||
|
|
||||||
+ setenv("_SSH_DAEMONIZED", "1", 1);
|
|
||||||
disconnect_controlling_tty();
|
|
||||||
}
|
|
||||||
/* Reinitialize the log (because of the fork above). */
|
|
99
openssh-7.4p1-systemd.patch
Normal file
99
openssh-7.4p1-systemd.patch
Normal file
@ -0,0 +1,99 @@
|
|||||||
|
commit 0e22b79bfde45a7cf7a2e51a68ec11c4285f3b31
|
||||||
|
Author: Jakub Jelen <jjelen@redhat.com>
|
||||||
|
Date: Mon Nov 21 15:04:06 2016 +0100
|
||||||
|
|
||||||
|
systemd stuff
|
||||||
|
|
||||||
|
diff --git a/configure.ac b/configure.ac
|
||||||
|
index 2ffc369..162ce92 100644
|
||||||
|
--- a/configure.ac
|
||||||
|
+++ b/configure.ac
|
||||||
|
@@ -4265,6 +4265,30 @@ AC_ARG_WITH([kerberos5],
|
||||||
|
AC_SUBST([GSSLIBS])
|
||||||
|
AC_SUBST([K5LIBS])
|
||||||
|
|
||||||
|
+# Check whether user wants systemd support
|
||||||
|
+SYSTEMD_MSG="no"
|
||||||
|
+AC_ARG_WITH(systemd,
|
||||||
|
+ [ --with-systemd Enable systemd support],
|
||||||
|
+ [ if test "x$withval" != "xno" ; then
|
||||||
|
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
|
||||||
|
+ if test "$PKGCONFIG" != "no"; then
|
||||||
|
+ AC_MSG_CHECKING([for libsystemd])
|
||||||
|
+ if $PKGCONFIG --exists libsystemd; then
|
||||||
|
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
|
||||||
|
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
|
||||||
|
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
|
||||||
|
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
|
||||||
|
+ AC_MSG_RESULT([yes])
|
||||||
|
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
|
||||||
|
+ SYSTEMD_MSG="yes"
|
||||||
|
+ else
|
||||||
|
+ AC_MSG_RESULT([no])
|
||||||
|
+ fi
|
||||||
|
+ fi
|
||||||
|
+ fi ]
|
||||||
|
+)
|
||||||
|
+
|
||||||
|
+
|
||||||
|
# Looking for programs, paths and files
|
||||||
|
|
||||||
|
PRIVSEP_PATH=/var/empty
|
||||||
|
@@ -5097,6 +5121,7 @@ echo " libedit support: $LIBEDIT_MSG"
|
||||||
|
echo " Solaris process contract support: $SPC_MSG"
|
||||||
|
echo " Solaris project support: $SP_MSG"
|
||||||
|
echo " Solaris privilege support: $SPP_MSG"
|
||||||
|
+echo " systemd support: $SYSTEMD_MSG"
|
||||||
|
echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
|
||||||
|
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
|
||||||
|
echo " BSD Auth support: $BSD_AUTH_MSG"
|
||||||
|
diff --git a/contrib/sshd.service b/contrib/sshd.service
|
||||||
|
new file mode 100644
|
||||||
|
index 0000000..e0d4923
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/contrib/sshd.service
|
||||||
|
@@ -0,0 +1,16 @@
|
||||||
|
+[Unit]
|
||||||
|
+Description=OpenSSH server daemon
|
||||||
|
+Documentation=man:sshd(8) man:sshd_config(5)
|
||||||
|
+After=network.target
|
||||||
|
+
|
||||||
|
+[Service]
|
||||||
|
+Type=notify
|
||||||
|
+ExecStart=/usr/sbin/sshd -D $OPTIONS
|
||||||
|
+ExecReload=/bin/kill -HUP $MAINPID
|
||||||
|
+KillMode=process
|
||||||
|
+Restart=on-failure
|
||||||
|
+RestartPreventExitStatus=255
|
||||||
|
+
|
||||||
|
+[Install]
|
||||||
|
+WantedBy=multi-user.target
|
||||||
|
+
|
||||||
|
diff --git a/sshd.c b/sshd.c
|
||||||
|
index 816611c..b8b9d13 100644
|
||||||
|
--- a/sshd.c
|
||||||
|
+++ b/sshd.c
|
||||||
|
@@ -85,6 +85,10 @@
|
||||||
|
#include <prot.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#ifdef HAVE_SYSTEMD
|
||||||
|
+#include <systemd/sd-daemon.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
#include "xmalloc.h"
|
||||||
|
#include "ssh.h"
|
||||||
|
#include "ssh2.h"
|
||||||
|
@@ -1833,6 +1837,11 @@ main(int ac, char **av)
|
||||||
|
/* ignore SIGPIPE */
|
||||||
|
signal(SIGPIPE, SIG_IGN);
|
||||||
|
|
||||||
|
+#ifdef HAVE_SYSTEMD
|
||||||
|
+ /* Signal systemd that we are ready to accept connections */
|
||||||
|
+ sd_notify(0, "READY=1");
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Get a connection, either from inetd or a listening TCP socket */
|
||||||
|
if (inetd_flag) {
|
||||||
|
server_accept_inetd(&sock_in, &sock_out);
|
||||||
|
|
@ -226,12 +226,12 @@ Patch940: openssh-7.2p2-expose-pam.patch
|
|||||||
Patch942: openssh-7.2p2-chroot-capabilities.patch
|
Patch942: openssh-7.2p2-chroot-capabilities.patch
|
||||||
# Move MAX_DISPLAYS to a configuration option (#1341302)
|
# Move MAX_DISPLAYS to a configuration option (#1341302)
|
||||||
Patch944: openssh-7.3p1-x11-max-displays.patch
|
Patch944: openssh-7.3p1-x11-max-displays.patch
|
||||||
# Temporary workaround for upstream (#2641)
|
|
||||||
Patch945: openssh-7.4p1-daemon.patch
|
|
||||||
# Whitelist /usr/lib*/ as planed upstream to prevent breakage
|
# Whitelist /usr/lib*/ as planed upstream to prevent breakage
|
||||||
Patch946: openssh-7.4p1-pkcs11-whitelist.patch
|
Patch946: openssh-7.4p1-pkcs11-whitelist.patch
|
||||||
# Correct reporting errors from included files (#1408558)
|
# Correct reporting errors from included files (#1408558)
|
||||||
Patch947: openssh-7.4p1-include-errors.patch
|
Patch947: openssh-7.4p1-include-errors.patch
|
||||||
|
# Help systemd to track the running service
|
||||||
|
Patch948: openssh-7.4p1-systemd.patch
|
||||||
|
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
@ -262,6 +262,7 @@ BuildRequires: fipscheck-devel >= 1.3.0
|
|||||||
BuildRequires: openssl-devel >= 0.9.8j
|
BuildRequires: openssl-devel >= 0.9.8j
|
||||||
BuildRequires: perl-podlators
|
BuildRequires: perl-podlators
|
||||||
BuildRequires: libcap-ng-devel
|
BuildRequires: libcap-ng-devel
|
||||||
|
BuildRequires: systemd-devel
|
||||||
|
|
||||||
%if %{kerberos5}
|
%if %{kerberos5}
|
||||||
BuildRequires: krb5-devel
|
BuildRequires: krb5-devel
|
||||||
@ -465,9 +466,9 @@ popd
|
|||||||
%patch940 -p1 -b .expose-pam
|
%patch940 -p1 -b .expose-pam
|
||||||
%patch942 -p1 -b .chroot-cap
|
%patch942 -p1 -b .chroot-cap
|
||||||
%patch944 -p1 -b .x11max
|
%patch944 -p1 -b .x11max
|
||||||
%patch945 -p1 -b .daemon
|
|
||||||
%patch946 -p1 -b .pkcs11-whitelist
|
%patch946 -p1 -b .pkcs11-whitelist
|
||||||
%patch947 -p1 -b .include-errors
|
%patch947 -p1 -b .include-errors
|
||||||
|
%patch948 -p1 -b .systemd
|
||||||
|
|
||||||
%patch200 -p1 -b .audit
|
%patch200 -p1 -b .audit
|
||||||
%patch201 -p1 -b .audit-race
|
%patch201 -p1 -b .audit-race
|
||||||
@ -560,6 +561,7 @@ make clean
|
|||||||
--with-ssl-engine \
|
--with-ssl-engine \
|
||||||
--with-ipaddr-display \
|
--with-ipaddr-display \
|
||||||
--with-pie=no \
|
--with-pie=no \
|
||||||
|
--with-systemd \
|
||||||
%if %{ldap}
|
%if %{ldap}
|
||||||
--with-ldap \
|
--with-ldap \
|
||||||
%endif
|
%endif
|
||||||
|
@ -5,10 +5,9 @@ After=network.target sshd-keygen.target
|
|||||||
Wants=sshd-keygen.target
|
Wants=sshd-keygen.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=forking
|
Type=notify
|
||||||
PIDFile=/var/run/sshd.pid
|
|
||||||
EnvironmentFile=-/etc/sysconfig/sshd
|
EnvironmentFile=-/etc/sysconfig/sshd
|
||||||
ExecStart=/usr/sbin/sshd $OPTIONS
|
ExecStart=/usr/sbin/sshd -D $OPTIONS
|
||||||
ExecReload=/bin/kill -HUP $MAINPID
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
KillMode=process
|
KillMode=process
|
||||||
Restart=on-failure
|
Restart=on-failure
|
||||||
|
Loading…
Reference in New Issue
Block a user