opensshd.init

   1 #!/bin/sh
   2 #
   3 # sshd          sshd (secure shell daemon)
   4 #
   5 # chkconfig:    345 55 45
   6 #
   7 # description:  sshd (secure shell daemon) is a server part of the ssh suite. \
   8 #               Ssh can be used for remote login, remote file copying, TCP port \
   9 #               forwarding etc. Ssh offers strong encryption and authentication.
  10
  11 SSHD_OOM_ADJUST=-17
  12
  13 # Source function library
  14 . /etc/rc.d/init.d/functions
  15
  16 # Get network config
  17 . /etc/sysconfig/network
  18
  19 # Get service config
  20 [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
  21
  22 # Check that networking is up.
  23 if is_yes "${NETWORKING}"; then
  24         if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then
  25                 msg_network_down "OpenSSH"
  26                 exit 1
  27         fi
  28 else
  29         exit 0
  30 fi
  31
  32 adjust_oom() {
  33         if [ -e /var/run/sshd.pid ]; then
  34                 for pid in $(cat /var/run/sshd.pid); do
  35                         echo "$SSHD_OOM_ADJUST" 2>/dev/null > /proc/$pid/oom_adj
  36                 done
  37         fi
  38 }
  39
  40 checkconfig() {
  41         /usr/sbin/sshd -t || exit 1
  42 }
  43
  44 ssh_gen_keys() {
  45         # generate new keys with empty passwords if they do not exist
  46         if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
  47                 /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' >&2
  48                 chmod 600 /etc/ssh/ssh_host_key
  49                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_key
  50         fi
  51         if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then
  52                 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
  53                 chmod 600 /etc/ssh/ssh_host_rsa_key
  54                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_rsa_key
  55         fi
  56         if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
  57                 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
  58                 chmod 600 /etc/ssh/ssh_host_dsa_key
  59                 [ -x /sbin/restorecon ] && /sbin/restorecon /etc/ssh/ssh_host_dsa_key
  60         fi
  61
  62         # commit files. so that sudden reboot here won't lose the data.
  63         [ -x /bin/sync ] && /bin/sync
  64 }
  65
  66 start() {
  67         # Check if the service is already running?
  68         if [ -f /var/lock/subsys/sshd ]; then
  69                 msg_already_running "OpenSSH"
  70                 return
  71         fi
  72
  73         ssh_gen_keys
  74
  75         checkconfig
  76
  77         if [ ! -s /etc/ssh/ssh_host_key ]; then
  78                 msg_not_running "OpenSSH"
  79                 nls "No SSH host key found! You must run \"%s init\" first." "$0"
  80                 exit 1
  81         fi
  82
  83         if is_yes "$IPV4_NETWORKING" && is_no "$IPV6_NETWORKING"; then
  84                 OPTIONS="$OPTIONS -4"
  85         fi
  86         if is_yes "$IPV6_NETWORKING" && is_no "$IPV4_NETWORKING"; then
  87                 OPTIONS="$OPTIONS -6"
  88         fi
  89
  90         msg_starting "OpenSSH"
  91         daemon --pidfile /var/run/sshd.pid /usr/sbin/sshd $OPTIONS
  92         RETVAL=$?
  93         adjust_oom
  94         [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
  95 }
  96
  97 stop() {
  98         if [ -f /var/lock/subsys/sshd ]; then
  99                 msg_stopping "OpenSSH"
 100                 # we use start-stop-daemon to stop sshd, as it is unacceptable for such
 101                 # critical service as sshd to kill it by procname, but unfortunately
 102                 # rc-scripts does not provide way to kill *only* by pidfile
 103                 start-stop-daemon --stop --quiet --pidfile /var/run/sshd.pid && ok || fail
 104                 rm -f /var/lock/subsys/sshd >/dev/null 2>&1
 105         else
 106                 msg_not_running "OpenSSH"
 107         fi
 108 }
 109
 110 RETVAL=0
 111 # See how we were called.
 112 case "$1" in
 113   start)
 114         start
 115         ;;
 116   stop)
 117         stop
 118         ;;
 119   restart)
 120         checkconfig
 121         stop
 122         start
 123         ;;
 124   status)
 125         status sshd
 126         exit $?
 127         ;;
 128   init)
 129         nls "Now the SSH host key will be generated. Please note, that if you"
 130         nls "will use password for the key, you will need to type it on each"
 131         nls "reboot."
 132         ssh_gen_keys
 133         ;;
 134   reload|force-reload)
 135         if [ -f /var/lock/subsys/sshd ]; then
 136                 checkconfig
 137                 msg_reloading "OpenSSH"
 138                 killproc sshd -HUP
 139                 RETVAL=$?
 140         else
 141                 msg_not_running "OpenSSH"
 142                 exit 7
 143         fi
 144         ;;
 145   *)
 146         msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}"
 147         exit 3
 148 esac
 149
 150 exit $RETVAL