From 53f618daeffc1a9ca47502111d3905a04f656477 Mon Sep 17 00:00:00 2001 From: Jan F Date: Sat, 23 Apr 2011 09:13:06 +0200 Subject: [PATCH] add systemd units --- openssh.spec | 20 +++++++++++++++++++- ssh-keygen-dsa.service | 18 ++++++++++++++++++ ssh-keygen-rsa.service | 18 ++++++++++++++++++ ssh-keygen-rsa1.service | 18 ++++++++++++++++++ sshd.service | 13 +++++++++++++ sshd.socket | 10 ++++++++++ 6 files changed, 96 insertions(+), 1 deletion(-) create mode 100644 ssh-keygen-dsa.service create mode 100644 ssh-keygen-rsa.service create mode 100644 ssh-keygen-rsa1.service create mode 100644 sshd.service create mode 100644 sshd.socket diff --git a/openssh.spec b/openssh.spec index 88a98e4..a013339 100644 --- a/openssh.spec +++ b/openssh.spec @@ -71,7 +71,7 @@ # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 %define openssh_ver 5.8p1 -%define openssh_rel 28 +%define openssh_rel 29 %define pam_ssh_agent_ver 0.9.2 %define pam_ssh_agent_rel 30 @@ -94,6 +94,11 @@ Source4: http://prdownloads.sourceforge.net/pamsshagentauth/pam_ssh_agent_auth/p Source5: pam_ssh_agent-rmheaders Source6: ssh-keycat.pam Source7: sshd.sysconfig +Source8: ssh-keygen-dsa.service +Source9: ssh-keygen-rsa.service +Source10: ssh-keygen-rsa1.service +Source11: sshd.service +Source12: sshd.socket Patch99: openssh-5.8p1-wIm.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1635 (WONTFIX) @@ -513,6 +518,11 @@ install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat install -m755 %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd +install -m644 %{SOURCE8} %{_unitdir}/ssh-keygen-dsa.service +install -m644 %{SOURCE9} %{_unitdir}/ssh-keygen-rsa.service +install -m644 %{SOURCE10} %{_unitdir}/ssh-keygen-rsa1.service +install -m644 %{SOURCE11} %{_unitdir}/sshd.service +install -m644 %{SOURCE12} %{_unitdir}/sshd.socket install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT%{_bindir}/ install contrib/ssh-copy-id.1 $RPM_BUILD_ROOT%{_mandir}/man1/ @@ -636,6 +646,11 @@ fi %attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd %attr(0640,root,root) %config(noreplace) /etc/sysconfig/sshd %attr(0755,root,root) /etc/rc.d/init.d/sshd +%attr(0644,root,root) %{_unitdir}/ssh-keygen-dsa.service +%attr(0644,root,root) %{_unitdir}/ssh-keygen-rsa.service +%attr(0644,root,root) %{_unitdir}/ssh-keygen-rsa1.service +%attr(0644,root,root) %{_unitdir}/sshd.service +%attr(0644,root,root) %{_unitdir}/sshd.socket %endif %if %{ldap} @@ -671,6 +686,9 @@ fi %endif %changelog +* Fri Apr 22 2011 Jan F. Chadima - 5.8p1-28 + 0.9.2-30 +- add systemd units + * Fri Apr 22 2011 Jan F. Chadima - 5.8p1-28 + 0.9.2-30 - improving sshd -> passwd transation - add template for .local domain to sshd_config diff --git a/ssh-keygen-dsa.service b/ssh-keygen-dsa.service new file mode 100644 index 0000000..11504cf --- /dev/null +++ b/ssh-keygen-dsa.service @@ -0,0 +1,18 @@ +[Unit] +Description=SSH DSA Keygeneration. +After=syslog.target +Before=sshd.service +ConditionPathExists=!/etc/ssh/ssh_host_dsa_key + +[Service] +Type=oneshot +EnvironmentFile=/etc/sysconfig/sshd +ExecStart=/usr/bin/ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -C '' -N '' +ExecStartPost=/bin/chown root:ssh_keys /etc/ssh/ssh_host_dsa_key +ExecStartPost=/bin/chmod 640 /etc/ssh/ssh_host_dsa_key +ExecStartPost=/bin/chmod 644 /etc/ssh/ssh_host_dsa_key.pub +ExecStartPost=/sbin/restorecon /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/ssh-keygen-rsa.service b/ssh-keygen-rsa.service new file mode 100644 index 0000000..ca23a07 --- /dev/null +++ b/ssh-keygen-rsa.service @@ -0,0 +1,18 @@ +[Unit] +Description=SSH RSA Keygeneration. +After=syslog.target +Before=sshd.service +ConditionPathExists=!/etc/ssh/ssh_host_rsa_key + +[Service] +Type=oneshot +EnvironmentFile=/etc/sysconfig/sshd +ExecStart=/usr/bin/ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N '' +ExecStartPost=/bin/chown root:ssh_keys /etc/ssh/ssh_host_rsa_key +ExecStartPost=/bin/chmod 640 /etc/ssh/ssh_host_rsa_key +ExecStartPost=/bin/chmod 644 /etc/ssh/ssh_host_rsa_key.pub +ExecStartPost=/sbin/restorecon /ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/ssh-keygen-rsa1.service b/ssh-keygen-rsa1.service new file mode 100644 index 0000000..1ec5626 --- /dev/null +++ b/ssh-keygen-rsa1.service @@ -0,0 +1,18 @@ +[Unit] +Description=SSH RSA1 Keygeneration. +After=syslog.target +Before=sshd.service +ConditionPathExists=!/etc/ssh/ssh_host_key + +[Service] +Type=oneshot +EnvironmentFile=/etc/sysconfig/sshd +ExecStart=/usr/bin/ssh-keygen -q -t rsa1 -f /etc/ssh/ssh_host_key -C '' -N '' +ExecStartPost=/bin/chown root:ssh_keys /etc/ssh/ssh_host_key +ExecStartPost=/bin/chmod 640 /etc/ssh/ssh_host_key +ExecStartPost=/bin/chmod 644 /etc/ssh/ssh_host_key.pub +ExecStartPost=/sbin/restorecon /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/sshd.service b/sshd.service new file mode 100644 index 0000000..0f8e9f0 --- /dev/null +++ b/sshd.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenSSH server daemon. +After=syslog.target network.target + +[Service] +Type=forking +PIDFile=/var/run/sshd.pid +EnvironmentFile=/etc/sysconfig/sshd +ExecStartPre=/usr/sbin/sshd -t +ExecStart=/usr/sbin/sshd $OPTIONS + +[Install] +WantedBy=multi-user.target diff --git a/sshd.socket b/sshd.socket new file mode 100644 index 0000000..a278031 --- /dev/null +++ b/sshd.socket @@ -0,0 +1,10 @@ +[Unit] +Description=OpenSSH Server Socket. +Conflicts=sshd.service + +[Socket] +ListenStream=22 +Accept=yes + +[Install] +WantedBy=sockets.target