projects / packages / openssh.git / blame
| Commit | Line | Data |
|---|---|---|
| cf3b46d6 AF |
1 | #!/bin/sh |
| 2 | # | |
| 3 | # sshd sshd (secure shell daemon) | |
| 4 | # | |
| 5 | # chkconfig: 345 55 45 | |
| 6 | # | |
| 4a9f24b4 | 7 | # description: sshd (secure shell daemon) is a server part of the ssh suite. \ |
| 8 | # Ssh can be used for remote login, remote file copying, TCP port \ | |
| cf3b46d6 AF |
9 | # forwarding etc. Ssh offers strong encryption and authentication. |
| 10 | ||
| 32322335 | 11 | SSHD_OOM_ADJUST=-17 |
| cf3b46d6 AF |
12 | |
| 13 | # Source function library | |
| 14 | . /etc/rc.d/init.d/functions | |
| 15 | ||
| 16 | # Get network config | |
| 17 | . /etc/sysconfig/network | |
| 18 | ||
| 19 | # Get service config | |
| 20 | [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd | |
| 21 | ||
| 22 | # Check that networking is up. | |
| 7d58fbb0 | 23 | if is_yes "${NETWORKING}"; then |
| 224aaee1 | 24 | if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then |
| 7d58fbb0 | 25 | msg_network_down OpenSSH |
| 26 | exit 1 | |
| 27 | fi | |
| 28 | else | |
| 29 | exit 0 | |
| cf3b46d6 | 30 | fi |
| a1c37c17 | 31 | |
| 32322335 | 32 | adjust_oom() { |
| 141073f0 ER |
33 | if [ -e /var/run/sshd.pid ]; then |
| 34 | for pid in $(cat /var/run/sshd.pid); do | |
| 35 | echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj | |
| 36 | done | |
| 37 | fi | |
| 32322335 AM |
38 | } |
| 39 | ||
| 945a8076 ER |
40 | checkconfig() { |
| 41 | /usr/sbin/sshd -t || exit 1 | |
| 42 | } | |
| 43 | ||
| b10eed65 | 44 | start() { |
| 3c573fc0 | 45 | # generate new keys with empty passwords if they do not exist |
| 46 | if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then | |
| 7d58fbb0 | 47 | /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' 1>&2 |
| 48 | chmod 600 /etc/ssh/ssh_host_key | |
| b79cf855 | 49 | [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || : |
| 3c573fc0 | 50 | fi |
| 51 | if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then | |
| 7d58fbb0 | 52 | /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' 1>&2 |
| 53 | chmod 600 /etc/ssh/ssh_host_rsa_key | |
| b79cf855 | 54 | [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || : |
| 3c573fc0 | 55 | fi |
| 56 | if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then | |
| 7d58fbb0 | 57 | /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' 1>&2 |
| 58 | chmod 600 /etc/ssh/ssh_host_dsa_key | |
| b79cf855 | 59 | [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || : |
| 3c573fc0 | 60 | fi |
| 61 | ||
| 945a8076 ER |
62 | checkconfig |
| 63 | ||
| 01d1f289 | 64 | if [ ! -f /etc/ssh/ssh_host_key ]; then |
| 9ceb608e | 65 | msg_not_running OpenSSH |
| 7d58fbb0 | 66 | nls "No SSH host key found! You must run \"%s init\" first." "$0" |
| 01d1f289 | 67 | exit 1 |
| 68 | fi | |
| 3c573fc0 | 69 | |
| 70 | # Check if the service is already running? | |
| cf3b46d6 | 71 | if [ ! -f /var/lock/subsys/sshd ]; then |
| cbd44157 | 72 | msg_starting OpenSSH |
| 0c7d0db8 | 73 | daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd |
| cbd44157 | 74 | RETVAL=$? |
| 32322335 | 75 | adjust_oom |
| a1c37c17 | 76 | [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd |
| cf3b46d6 | 77 | else |
| 9ceb608e | 78 | msg_already_running OpenSSH |
| cf3b46d6 | 79 | fi |
| b10eed65 ER |
80 | } |
| 81 | ||
| 82 | stop() { | |
| 7d58fbb0 | 83 | if [ -f /var/lock/subsys/sshd ]; then |
| cbd44157 | 84 | msg_stopping OpenSSH |
| 3007cef9 ER |
85 | # we use start-stop-daemon to stop sshd, as it is unacceptable for such |
| 86 | # critical service as sshd to kill it by procname, but unfortunately | |
| 87 | # rc-scripts does not provide way to kill *only* by pidfile | |
| 88 | start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail | |
| 89 | rm -f /var/lock/subsys/sshd >/dev/null 2>&1 | |
| cbd44157 | 90 | else |
| 9ceb608e | 91 | msg_not_running OpenSSH |
| a1c37c17 | 92 | fi |
| b10eed65 ER |
93 | } |
| 94 | ||
| 95 | RETVAL=0 | |
| 96 | # See how we were called. | |
| 97 | case "$1" in | |
| 98 | start) | |
| 99 | start | |
| 100 | ;; | |
| 101 | stop) | |
| 102 | stop | |
| cf3b46d6 | 103 | ;; |
| cbd44157 | 104 | restart) |
| 945a8076 | 105 | checkconfig |
| b10eed65 ER |
106 | stop |
| 107 | start | |
| cf3b46d6 AF |
108 | ;; |
| 109 | status) | |
| 110 | status sshd | |
| cbd44157 | 111 | exit $? |
| cf3b46d6 | 112 | ;; |
| 01d1f289 | 113 | init) |
| 0d883194 | 114 | nls "Now the SSH host key will be generated. Please note, that if you" |
| 115 | nls "will use password for the key, you will need to type it on each" | |
| 116 | nls "reboot." | |
| ff7a4dcc | 117 | /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key |
| b79cf855 | 118 | [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key || : |
| cf14c2df | 119 | chmod 600 /etc/ssh/ssh_host_key |
| ff7a4dcc | 120 | /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key |
| b79cf855 | 121 | [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key || : |
| ff7a4dcc | 122 | chmod 600 /etc/ssh/ssh_host_rsa_key |
| 7d58fbb0 | 123 | /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key |
| cf14c2df | 124 | chmod 600 /etc/ssh/ssh_host_dsa_key |
| b79cf855 | 125 | [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key || : |
| 01d1f289 | 126 | exit $? |
| 36f63877 | 127 | ;; |
| bff0c7f8 | 128 | reload|force-reload) |
| 0d883194 | 129 | if [ -f /var/lock/subsys/sshd ]; then |
| d1017959 | 130 | checkconfig |
| 0d883194 | 131 | msg_reloading OpenSSH |
| 0d883194 | 132 | killproc sshd -HUP |
| 133 | RETVAL=$? | |
| 0d883194 | 134 | else |
| bbbbe539 | 135 | msg_not_running OpenSSH |
| bff0c7f8 | 136 | exit 7 |
| 0d883194 | 137 | fi |
| 36f63877 | 138 | ;; |
| cf3b46d6 | 139 | *) |
| bff0c7f8 | 140 | msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}" |
| 141 | exit 3 | |
| cf3b46d6 AF |
142 | esac |
| 143 | ||
| cbd44157 | 144 | exit $RETVAL |