#
# sshd sshd (secure shell daemon)
#
-# chkconfig: 345 55 45
+# chkconfig: 345 22 88
#
-# description: sshd (secure shell daemon) is a server part of the ssh suite.
-# Ssh can be used for remote login, remote file copying, TCP port
+# description: sshd (secure shell daemon) is a server part of the ssh suite. \
+# Ssh can be used for remote login, remote file copying, TCP port \
# forwarding etc. Ssh offers strong encryption and authentication.
-
# Source function library
. /etc/rc.d/init.d/functions
+upstart_controlled --except init configtest
+
# Get network config
. /etc/sysconfig/network
+SSHD_OOM_ADJUST=-1000
+PIDFILE=/var/run/sshd.pid
+
# Get service config
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
# Check that networking is up.
-if [ "${NETWORKING}" = "no" ]; then
- echo "WARNING: Networking is down. Sshd can't be runed."
- exit 1
+if is_yes "${NETWORKING}"; then
+ if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
+ msg_network_down "OpenSSH"
+ exit 1
+ fi
+else
+ exit 0
fi
+adjust_oom() {
+ if [ -e $PIDFILE ]; then
+ for pid in $(cat $PIDFILE); do
+ echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_score_adj
+ done
+ fi
+}
+
+checkconfig() {
+ ssh_gen_keys
+ /usr/sbin/sshd -t || exit 1
+}
-# See how we were called.
-case "$1" in
- start)
+ssh_gen_keys() {
+ @@LIBEXECDIR@@/sshd-keygen
+}
+
+start() {
# Check if the service is already running?
+ if [ -f /var/lock/subsys/sshd ]; then
+ msg_already_running "OpenSSH"
+ return
+ fi
+
+ checkconfig
+
+ if [ ! -s /etc/ssh/ssh_host_key ]; then
+ msg_not_running "OpenSSH"
+ nls "No SSH host key found! You must run \"%s init\" first." "$0"
+ exit 1
+ fi
+
+ if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
+ OPTIONS="$OPTIONS -4"
+ fi
+ if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
+ OPTIONS="$OPTIONS -6"
+ fi
+
+ msg_starting "OpenSSH"
+ daemon --pidfile $PIDFILE /usr/sbin/sshd $OPTIONS
+ RETVAL=$?
+ adjust_oom
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
+}
+
+stop() {
if [ ! -f /var/lock/subsys/sshd ]; then
- show Starting OpenSSHd
- daemon sshd -h /etc/ssh/ssh_host_key
- else
- echo "OpenSSHd already is running"
+ msg_not_running "OpenSSH"
+ return
fi
- touch /var/lock/subsys/sshd
+
+ msg_stopping "OpenSSH"
+ # we use start-stop-daemon to stop sshd, as it is unacceptable for such
+ # critical service as sshd to kill it by procname, but unfortunately
+ # rc-scripts does not provide way to kill *only* by pidfile
+ start-stop-daemon --stop --quiet --pidfile $PIDFILE && ok || fail
+ rm -f /var/lock/subsys/sshd >/dev/null 2>&1
+}
+
+reload() {
+ if [ ! -f /var/lock/subsys/sshd ]; then
+ msg_not_running "OpenSSH"
+ RETVAL=7
+ return
+ fi
+
+ checkconfig
+ msg_reloading "OpenSSH"
+ killproc sshd -HUP
+ RETVAL=$?
+}
+
+condrestart() {
+ if [ ! -f /var/lock/subsys/sshd ]; then
+ msg_not_running "OpenSSH"
+ RETVAL=$1
+ return
+ fi
+
+ checkconfig
+ stop
+ start
+}
+
+RETVAL=0
+# See how we were called.
+case "$1" in
+ start)
+ start
;;
stop)
- show Stopping sshd
- killproc sshd
- rm -f /var/run/sshd.pid
- rm -f /var/lock/subsys/sshd
+ stop
+ ;;
+ restart)
+ checkconfig
+ stop
+ start
;;
- restart|reload)
- $0 stop
- $0 start
+ try-restart)
+ condrestart 0
+ ;;
+ reload|force-reload)
+ reload
+ ;;
+ configtest)
+ checkconfig
+ ;;
+ init)
+ nls "Now the SSH host key will be generated. Please note, that if you"
+ nls "will use password for the key, you will need to type it on each"
+ nls "reboot."
+ ssh_gen_keys
;;
status)
- status sshd
+ status --pidfile $PIDFILE sshd
+ exit $?
;;
*)
- echo "Usage: $0 {start|stop|status|restart|reload}"
- exit 1
+ msg_usage "$0 {start|stop|restart|try-restart|reload|force-reload|configtest|init|status}"
+ exit 3
esac
-exit 0
-
+exit $RETVAL
projects / packages / openssh.git / blobdiff