[packages/openssh.git] / opensshd.init

#!/bin/sh
#
# sshd		sshd (secure shell daemon)
#
# chkconfig:	345 11 89
#
# description:	sshd (secure shell daemon) is a server part of the ssh suite. \
#		Ssh can be used for remote login, remote file copying, TCP port \
#		forwarding etc. Ssh offers strong encryption and authentication.

SSHD_OOM_ADJUST=-17

# Source function library
. /etc/rc.d/init.d/functions

# Get network config
. /etc/sysconfig/network

# Get service config
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

# Check that networking is up.
if is_yes "${NETWORKING}"; then
	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
		msg_network_down "OpenSSH"
		exit 1
	fi
else
	exit 0
fi

adjust_oom() {
	if [ -e /var/run/sshd.pid ]; then
		for pid in $(cat /var/run/sshd.pid); do
			echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
		done
	fi
}

checkconfig() {
	/usr/sbin/sshd -t || exit 1
}

ssh_gen_keys() {
	# generate new keys with empty passwords if they do not exist
	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
		/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
		chmod 600 /etc/ssh/ssh_host_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
	fi
	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
		chmod 600 /etc/ssh/ssh_host_rsa_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
	fi
	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
		chmod 600 /etc/ssh/ssh_host_dsa_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
	fi
}

start() {
	# Check if the service is already running?
	if [ -f /var/lock/subsys/sshd ]; then
		msg_already_running "OpenSSH"
		return
	fi

	ssh_gen_keys

	checkconfig

	if [ ! -s /etc/ssh/ssh_host_key ]; then
		msg_not_running "OpenSSH"
		nls "No SSH host key found! You must run \"%s init\" first." "$0"
		exit 1
	fi

	if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
		OPTIONS="$OPTIONS -4"
	fi
	if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
		OPTIONS="$OPTIONS -6"
	fi

	msg_starting "OpenSSH"
	daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
	RETVAL=$?
	adjust_oom
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
}

stop() {
	if [ -f /var/lock/subsys/sshd ]; then
		msg_stopping "OpenSSH"
		# we use start-stop-daemon to stop sshd, as it is unacceptable for such
		# critical service as sshd to kill it by procname, but unfortunately
		# rc-scripts does not provide way to kill *only* by pidfile
		start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
		rm -f /var/lock/subsys/sshd >/dev/null 2>&1
	else
		msg_not_running "OpenSSH"
	fi
}

upstart_controlled --except init configtest

RETVAL=0
# See how we were called.
case "$1" in
  start)
  	start
	;;
  stop)
  	stop
	;;
  restart)
	checkconfig
	stop
	start
	;;
  status)
	status sshd
	exit $?
	;;
  init)
	nls "Now the SSH host key will be generated. Please note, that if you"
	nls "will use password for the key, you will need to type it on each"
	nls "reboot."
	ssh_gen_keys
	;;
  configtest)
	checkconfig
	;;
  reload|force-reload)
	if [ -f /var/lock/subsys/sshd ]; then
		checkconfig
		msg_reloading "OpenSSH"
		killproc sshd -HUP
		RETVAL=$?
	else
		msg_not_running "OpenSSH"
		exit 7
	fi
	;;
  *)
	msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
	exit 3
esac

exit $RETVAL
Commit	Line	Data
	1	#!/bin/sh
	2	#
	3	# sshd sshd (secure shell daemon)
	4	#
	5	# chkconfig: 345 11 89
	6	#
	7	# description: sshd (secure shell daemon) is a server part of the ssh suite. \
	8	# Ssh can be used for remote login, remote file copying, TCP port \
	9	# forwarding etc. Ssh offers strong encryption and authentication.
	10
	11	SSHD_OOM_ADJUST=-17
	12
	13	# Source function library
	14	. /etc/rc.d/init.d/functions
	15
	16	# Get network config
	17	. /etc/sysconfig/network
	18
	19	# Get service config
	20	[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
	21
	22	# Check that networking is up.
	23	if is_yes "${NETWORKING}"; then
	24	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
	25	msg_network_down "OpenSSH"
	26	exit 1
	27	fi
	28	else
	29	exit 0
	30	fi
	31
	32	adjust_oom() {
	33	if [ -e /var/run/sshd.pid ]; then
	34	for pid in $(cat /var/run/sshd.pid); do
	35	echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
	36	done
	37	fi
	38	}
	39
	40	checkconfig() {
	41	/usr/sbin/sshd -t \|\| exit 1
	42	}
	43
	44	ssh_gen_keys() {
	45	# generate new keys with empty passwords if they do not exist
	46	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
	47	/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
	48	chmod 600 /etc/ssh/ssh_host_key
	49	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
	50	fi
	51	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
	52	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
	53	chmod 600 /etc/ssh/ssh_host_rsa_key
	54	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
	55	fi
	56	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
	57	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
	58	chmod 600 /etc/ssh/ssh_host_dsa_key
	59	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
	60	fi
	61	}
	62
	63	start() {
	64	# Check if the service is already running?
	65	if [ -f /var/lock/subsys/sshd ]; then
	66	msg_already_running "OpenSSH"
	67	return
	68	fi
	69
	70	ssh_gen_keys
	71
	72	checkconfig
	73
	74	if [ ! -s /etc/ssh/ssh_host_key ]; then
	75	msg_not_running "OpenSSH"
	76	nls "No SSH host key found! You must run \"%s init\" first." "$0"
	77	exit 1
	78	fi
	79
	80	if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
	81	OPTIONS="$OPTIONS -4"
	82	fi
	83	if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
	84	OPTIONS="$OPTIONS -6"
	85	fi
	86
	87	msg_starting "OpenSSH"
	88	daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
	89	RETVAL=$?
	90	adjust_oom
	91	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
	92	}
	93
	94	stop() {
	95	if [ -f /var/lock/subsys/sshd ]; then
	96	msg_stopping "OpenSSH"
	97	# we use start-stop-daemon to stop sshd, as it is unacceptable for such
	98	# critical service as sshd to kill it by procname, but unfortunately
	99	# rc-scripts does not provide way to kill only by pidfile
	100	start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok \|\| fail
	101	rm -f /var/lock/subsys/sshd >/dev/null 2>&1
	102	else
	103	msg_not_running "OpenSSH"
	104	fi
	105	}
	106
	107	upstart_controlled --except init configtest
	108
	109	RETVAL=0
	110	# See how we were called.
	111	case "$1" in
	112	start)
	113	start
	114	;;
	115	stop)
	116	stop
	117	;;
	118	restart)
	119	checkconfig
	120	stop
	121	start
	122	;;
	123	status)
	124	status sshd
	125	exit $?
	126	;;
	127	init)
	128	nls "Now the SSH host key will be generated. Please note, that if you"
	129	nls "will use password for the key, you will need to type it on each"
	130	nls "reboot."
	131	ssh_gen_keys
	132	;;
	133	configtest)
	134	checkconfig
	135	;;
	136	reload\|force-reload)
	137	if [ -f /var/lock/subsys/sshd ]; then
	138	checkconfig
	139	msg_reloading "OpenSSH"
	140	killproc sshd -HUP
	141	RETVAL=$?
	142	else
	143	msg_not_running "OpenSSH"
	144	exit 7
	145	fi
	146	;;
	147	*)
	148	msg_usage "$0 {start\|stop\|init\|restart\|reload\|force-reload\|status}"
	149	exit 3
	150	esac
	151
	152	exit $RETVAL