[packages/openssh.git] / opensshd.init

#!/bin/sh
#
# sshd		sshd (secure shell daemon)
#
# chkconfig:	345 55 45
#
# description:	sshd (secure shell daemon) is a server part of the ssh suite. \
#		Ssh can be used for remote login, remote file copying, TCP port \
#		forwarding etc. Ssh offers strong encryption and authentication.

SSHD_OOM_ADJUST=-17

# Source function library
. /etc/rc.d/init.d/functions

# Get network config
. /etc/sysconfig/network

# Get service config
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

# Check that networking is up.
if is_yes "${NETWORKING}"; then
	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
		msg_network_down "OpenSSH"
		exit 1
	fi
else
	exit 0
fi

adjust_oom() {
	if [ -e /var/run/sshd.pid ]; then
		for pid in $(cat /var/run/sshd.pid); do
			echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
		done
	fi
}

checkconfig() {
	/usr/sbin/sshd -t || exit 1
}

ssh_gen_keys() {
	# generate new keys with empty passwords if they do not exist
	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
		/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
		chmod 600 /etc/ssh/ssh_host_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
	fi
	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
		/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
		chmod 600 /etc/ssh/ssh_host_rsa_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
	fi
	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
		/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
		chmod 600 /etc/ssh/ssh_host_dsa_key
		[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
	fi

	# commit files. so that sudden reboot here won't lose the data.
	[ -x /bin/sync ] && /bin/sync
}

start() {
	# Check if the service is already running?
	if [ -f /var/lock/subsys/sshd ]; then
		msg_already_running "OpenSSH"
		return
	fi

	ssh_gen_keys

	checkconfig

	if [ ! -s /etc/ssh/ssh_host_key ]; then
		msg_not_running "OpenSSH"
		nls "No SSH host key found! You must run \"%s init\" first." "$0"
		exit 1
	fi

	if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
		OPTIONS="$OPTIONS -4"
	fi
	if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
		OPTIONS="$OPTIONS -6"
	fi

	msg_starting "OpenSSH"
	daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
	RETVAL=$?
	adjust_oom
	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
}

stop() {
	if [ -f /var/lock/subsys/sshd ]; then
		msg_stopping "OpenSSH"
		# we use start-stop-daemon to stop sshd, as it is unacceptable for such
		# critical service as sshd to kill it by procname, but unfortunately
		# rc-scripts does not provide way to kill *only* by pidfile
		start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
		rm -f /var/lock/subsys/sshd >/dev/null 2>&1
	else
		msg_not_running "OpenSSH"
	fi
}

upstart_controlled --except init configtest

RETVAL=0
# See how we were called.
case "$1" in
  start)
  	start
	;;
  stop)
  	stop
	;;
  restart)
	checkconfig
	stop
	start
	;;
  status)
	status sshd
	exit $?
	;;
  init)
	nls "Now the SSH host key will be generated. Please note, that if you"
	nls "will use password for the key, you will need to type it on each"
	nls "reboot."
	ssh_gen_keys
	;;
  configtest)
	checkconfig
	;;
  reload|force-reload)
	if [ -f /var/lock/subsys/sshd ]; then
		checkconfig
		msg_reloading "OpenSSH"
		killproc sshd -HUP
		RETVAL=$?
	else
		msg_not_running "OpenSSH"
		exit 7
	fi
	;;
  *)
	msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
	exit 3
esac

exit $RETVAL
Commit	Line	Data
	1	#!/bin/sh
	2	#
	3	# sshd sshd (secure shell daemon)
	4	#
	5	# chkconfig: 345 55 45
	6	#
	7	# description: sshd (secure shell daemon) is a server part of the ssh suite. \
	8	# Ssh can be used for remote login, remote file copying, TCP port \
	9	# forwarding etc. Ssh offers strong encryption and authentication.
	10
	11	SSHD_OOM_ADJUST=-17
	12
	13	# Source function library
	14	. /etc/rc.d/init.d/functions
	15
	16	# Get network config
	17	. /etc/sysconfig/network
	18
	19	# Get service config
	20	[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
	21
	22	# Check that networking is up.
	23	if is_yes "${NETWORKING}"; then
	24	if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
	25	msg_network_down "OpenSSH"
	26	exit 1
	27	fi
	28	else
	29	exit 0
	30	fi
	31
	32	adjust_oom() {
	33	if [ -e /var/run/sshd.pid ]; then
	34	for pid in $(cat /var/run/sshd.pid); do
	35	echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
	36	done
	37	fi
	38	}
	39
	40	checkconfig() {
	41	/usr/sbin/sshd -t \|\| exit 1
	42	}
	43
	44	ssh_gen_keys() {
	45	# generate new keys with empty passwords if they do not exist
	46	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
	47	/usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
	48	chmod 600 /etc/ssh/ssh_host_key
	49	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
	50	fi
	51	if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
	52	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
	53	chmod 600 /etc/ssh/ssh_host_rsa_key
	54	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
	55	fi
	56	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
	57	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
	58	chmod 600 /etc/ssh/ssh_host_dsa_key
	59	[ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
	60	fi
	61
	62	# commit files. so that sudden reboot here won't lose the data.
	63	[ -x /bin/sync ] && /bin/sync
	64	}
	65
	66	start() {
	67	# Check if the service is already running?
	68	if [ -f /var/lock/subsys/sshd ]; then
	69	msg_already_running "OpenSSH"
	70	return
	71	fi
	72
	73	ssh_gen_keys
	74
	75	checkconfig
	76
	77	if [ ! -s /etc/ssh/ssh_host_key ]; then
	78	msg_not_running "OpenSSH"
	79	nls "No SSH host key found! You must run \"%s init\" first." "$0"
	80	exit 1
	81	fi
	82
	83	if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
	84	OPTIONS="$OPTIONS -4"
	85	fi
	86	if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
	87	OPTIONS="$OPTIONS -6"
	88	fi
	89
	90	msg_starting "OpenSSH"
	91	daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
	92	RETVAL=$?
	93	adjust_oom
	94	[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
	95	}
	96
	97	stop() {
	98	if [ -f /var/lock/subsys/sshd ]; then
	99	msg_stopping "OpenSSH"
	100	# we use start-stop-daemon to stop sshd, as it is unacceptable for such
	101	# critical service as sshd to kill it by procname, but unfortunately
	102	# rc-scripts does not provide way to kill only by pidfile
	103	start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok \|\| fail
	104	rm -f /var/lock/subsys/sshd >/dev/null 2>&1
	105	else
	106	msg_not_running "OpenSSH"
	107	fi
	108	}
	109
	110	upstart_controlled --except init configtest
	111
	112	RETVAL=0
	113	# See how we were called.
	114	case "$1" in
	115	start)
	116	start
	117	;;
	118	stop)
	119	stop
	120	;;
	121	restart)
	122	checkconfig
	123	stop
	124	start
	125	;;
	126	status)
	127	status sshd
	128	exit $?
	129	;;
	130	init)
	131	nls "Now the SSH host key will be generated. Please note, that if you"
	132	nls "will use password for the key, you will need to type it on each"
	133	nls "reboot."
	134	ssh_gen_keys
	135	;;
	136	configtest)
	137	checkconfig
	138	;;
	139	reload\|force-reload)
	140	if [ -f /var/lock/subsys/sshd ]; then
	141	checkconfig
	142	msg_reloading "OpenSSH"
	143	killproc sshd -HUP
	144	RETVAL=$?
	145	else
	146	msg_not_running "OpenSSH"
	147	exit 7
	148	fi
	149	;;
	150	*)
	151	msg_usage "$0 {start\|stop\|init\|restart\|reload\|force-reload\|status}"
	152	exit 3
	153	esac
	154
	155	exit $RETVAL