opensshd.init

   1 #!/bin/sh
   2 #
   3 # sshd          sshd (secure shell daemon)
   4 #
   5 # chkconfig:    345 11 89
   6 #
   7 # description:  sshd (secure shell daemon) is a server part of the ssh suite. \
   8 #               Ssh can be used for remote login, remote file copying, TCP port \
   9 #               forwarding etc. Ssh offers strong encryption and authentication.
  10
  11 SSHD_OOM_ADJUST=-17
  12
  13 # Source function library
  14 . /etc/rc.d/init.d/functions
  15
  16 # Get network config
  17 . /etc/sysconfig/network
  18
  19 # Get service config
  20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
  21
  22 # Check that networking is up.
  23 if is_yes "${NETWORKING}"; then
  24         if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
  25                 msg_network_down "OpenSSH"
  26                 exit 1
  27         fi
  28 else
  29         exit 0
  30 fi
  31
  32 adjust_oom() {
  33         if [ -e /var/run/sshd.pid ]; then
  34                 for pid in $(cat /var/run/sshd.pid); do
  35                         echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
  36                 done
  37         fi
  38 }
  39
  40 checkconfig() {
  41         /usr/sbin/sshd -t || exit 1
  42 }
  43
  44 ssh_gen_keys() {
  45         # generate new keys with empty passwords if they do not exist
  46         if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
  47                 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
  48                 chmod 600 /etc/ssh/ssh_host_key
  49                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
  50         fi
  51         if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
  52                 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
  53                 chmod 600 /etc/ssh/ssh_host_rsa_key
  54                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
  55         fi
  56         if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
  57                 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
  58                 chmod 600 /etc/ssh/ssh_host_dsa_key
  59                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
  60         fi
  61 }
  62
  63 start() {
  64         # Check if the service is already running?
  65         if [ -f /var/lock/subsys/sshd ]; then
  66                 msg_already_running "OpenSSH"
  67                 return
  68         fi
  69
  70         ssh_gen_keys
  71
  72         checkconfig
  73
  74         if [ ! -s /etc/ssh/ssh_host_key ]; then
  75                 msg_not_running "OpenSSH"
  76                 nls "No SSH host key found! You must run \"%s init\" first." "$0"
  77                 exit 1
  78         fi
  79
  80         if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
  81                 OPTIONS="$OPTIONS -4"
  82         fi
  83         if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
  84                 OPTIONS="$OPTIONS -6"
  85         fi
  86
  87         msg_starting "OpenSSH"
  88         daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
  89         RETVAL=$?
  90         adjust_oom
  91         [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
  92 }
  93
  94 stop() {
  95         if [ -f /var/lock/subsys/sshd ]; then
  96                 msg_stopping "OpenSSH"
  97                 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
  98                 # critical service as sshd to kill it by procname, but unfortunately
  99                 # rc-scripts does not provide way to kill *only* by pidfile
 100                 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
 101                 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
 102         else
 103                 msg_not_running "OpenSSH"
 104         fi
 105 }
 106
 107 upstart_controlled --except init configtest
 108
 109 RETVAL=0
 110 # See how we were called.
 111 case "$1" in
 112   start)
 113         start
 114         ;;
 115   stop)
 116         stop
 117         ;;
 118   restart)
 119         checkconfig
 120         stop
 121         start
 122         ;;
 123   status)
 124         status sshd
 125         exit $?
 126         ;;
 127   init)
 128         nls "Now the SSH host key will be generated. Please note, that if you"
 129         nls "will use password for the key, you will need to type it on each"
 130         nls "reboot."
 131         ssh_gen_keys
 132         ;;
 133   configtest)
 134         checkconfig
 135         ;;
 136   reload|force-reload)
 137         if [ -f /var/lock/subsys/sshd ]; then
 138                 checkconfig
 139                 msg_reloading "OpenSSH"
 140                 killproc sshd -HUP
 141                 RETVAL=$?
 142         else
 143                 msg_not_running "OpenSSH"
 144                 exit 7
 145         fi
 146         ;;
 147   *)
 148         msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
 149         exit 3
 150 esac
 151
 152 exit $RETVAL