'[OE-core] [PATCH 2/4] openssh: fix sshd key generation when systemd is in use and rootfs is readonly'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openembedded-core
Subject:    [OE-core] [PATCH 2/4] openssh: fix sshd key generation when systemd is in use and rootfs is readonly
From:       alexander.kanavin () linux ! intel ! com (Alexander Kanavin)
Date:       2015-09-30 12:53:16
Message-ID: 1443617598-30123-2-git-send-email-alexander.kanavin () linux ! intel ! com
[Download RAW message or body]

[YOCTO #8365]

Signed-off-by: Alexander Kanavin <alexander.kanavin at linux.intel.com>
---
 .../openssh/openssh/sshd at .service                   |  4 +++-
 .../openssh/openssh/sshdgenkeys.service             | 21 ++++++++++++++++-----
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-connectivity/openssh/openssh/sshd at .service \
b/meta/recipes-connectivity/openssh/openssh/sshd at .service index bb2d68e..9d83dfb \
                100644
--- a/meta/recipes-connectivity/openssh/openssh/sshd at .service
+++ b/meta/recipes-connectivity/openssh/openssh/sshd at .service
@@ -4,7 +4,9 @@ Wants=sshdgenkeys.service
 After=sshdgenkeys.service
 
 [Service]
-ExecStart=- at SBINDIR@/sshd -i
+Environment="SSHD_OPTS="
+EnvironmentFile=-/etc/default/ssh
+ExecStart=- at SBINDIR@/sshd -i $SSHD_OPTS
 ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID
 StandardInput=socket
 StandardError=syslog
diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service \
b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service index \
                d65086f..148e6ad 100644
--- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
+++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service
@@ -1,11 +1,22 @@
 [Unit]
 Description=OpenSSH Key Generation
-ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
-ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
-ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
-ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
+RequiresMountsFor=/var /run
+ConditionPathExists=!/var/run/ssh/ssh_host_rsa_key
+ConditionPathExists=!/var/run/ssh/ssh_host_dsa_key
+ConditionPathExists=!/var/run/ssh/ssh_host_ecdsa_key
+ConditionPathExists=!/var/run/ssh/ssh_host_ed25519_key
+ConditionPathExists=!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=!/etc/ssh/ssh_host_dsa_key
+ConditionPathExists=!/etc/ssh/ssh_host_ecdsa_key
+ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key
 
 [Service]
-ExecStart=@BINDIR@/ssh-keygen -A
+Environment="SYSCONFDIR=/etc/ssh"
+EnvironmentFile=-/etc/default/ssh
+ExecStart=@BASE_BINDIR@/mkdir -p $SYSCONFDIR
+ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' -t rsa
+ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' -t dsa
+ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_ecdsa_key -N '' -t ecdsa
+ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_ed25519_key -N '' -t \
ed25519  Type=oneshot
 RemainAfterExit=yes
-- 
2.1.4


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic