. /etc/sysconfig/network
SSHD_OOM_ADJUST=-1000
+PIDFILE=/var/run/sshd.pid
# Get service config
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
fi
adjust_oom() {
- if [ -e /var/run/sshd.pid ]; then
- for pid in $(cat /var/run/sshd.pid); do
+ if [ -e $PIDFILE ]; then
+ for pid in $(cat $PIDFILE); do
echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
done
fi
}
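Review bot: The new `$PIDFILE` expansions in adjust_oom are unquoted, and PIDFILE is assigned before `/etc/sysconfig/sshd` is sourced, so that file can presumably override it. If the value ends up empty, `[ -e ]` evaluates true and `cat` with no operand reads stdin, which may stall the start path; a path containing whitespace would be split. Quote both uses, `if [ -e "$PIDFILE" ]; then` and `for pid in $(cat "$PIDFILE"); do`, and quote it the same way on the `daemon --pidfile`, `start-stop-daemon --pidfile` and `status --pidfile` lines in the later hunks. Because the file's contents drive a privileged write to `/proc/$pid/oom_score_adj`, a comment next to the assignment saying that PIDFILE must match sshd's own PidFile setting would also help.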
ssh_gen_keys() {
- # generate new keys with empty passwords if they do not exist
- if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
- /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
- chmod 600 /etc/ssh/ssh_host_key
- [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
- fi
- if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
- /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
- chmod 600 /etc/ssh/ssh_host_rsa_key
- [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
- fi
- if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
- /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
- chmod 600 /etc/ssh/ssh_host_dsa_key
- [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
- fi
- if [ ! -f /etc/ssh/ssh_host_ecdsa_key -o ! -s /etc/ssh/ssh_host_ecdsa_key ]; then
- /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' >&2
- chmod 600 /etc/ssh/ssh_host_ecdsa_key
- [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key
- fi # ecdsa
+ @@LIBEXECDIR@@/sshd-keygen
}
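Review bot: ssh_gen_keys now delegates everything to `@@LIBEXECDIR@@/sshd-keygen`, which is not shown on this page, so the `chmod 600` and `restorecon` steps that the removed lines ran on each private host key can no longer be confirmed from this file. A one-line comment above the call would make the contract explicit, for example `# sshd-keygen creates any missing host keys with mode 0600 and restores their SELinux context`, provided the helper really does both. The helper's exit status is now the function's return value, and whether the callers act on it is not visible here. It is worth checking that start does not go on to launch sshd after a failed key generation.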
start() {
fi
msg_starting "OpenSSH"
- daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
+ daemon --pidfile $PIDFILE /usr/sbin/sshd $OPTIONS
RETVAL=$?
adjust_oom
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
# we use start-stop-daemon to stop sshd, as it is unacceptable for such
# critical service as sshd to kill it by procname, but unfortunately
# rc-scripts does not provide way to kill *only* by pidfile
- start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
+ start-stop-daemon --stop --quiet --pidfile $PIDFILE && ok || fail
rm -f /var/lock/subsys/sshd >/dev/null 2>&1
}
ssh_gen_keys
;;
status)
- status sshd
+ status --pidfile $PIDFILE sshd
exit $?
;;
*)