[OE-core] [PATCH] sshd: add sshd.service
Peter Kjellerstedt
peter.kjellerstedt at axis.com
Wed Jul 18 12:33:24 UTC 2018
> -----Original Message-----
> From: openembedded-core-bounces at lists.openembedded.org
> [mailto:openembedded-core-bounces at lists.openembedded.org] On Behalf Of
> Zheng Ruoqin
> Sent: den 16 juli 2018 09:47
> To: openembedded-core at lists.openembedded.org
> Subject: [OE-core] [PATCH] sshd: add sshd.service
>
> Add sshd.service for user to start the sshd deamon.
Why would we want this? This will start the sshd server
unconditionally, instead of the current solution which only starts
it if someone actually connects to port 22.
If there is some technical reason to have the sshd service always
running, then that should be optional and enabled using a
PACKAGECONFIG (which should be disabled by default).
> Signed-off-by: Zheng Ruoqin <zhengrq.fnst at cn.fujitsu.com>
> ---
> meta/recipes-connectivity/openssh/openssh/sshd.service | 16
> ++++++++++++++++
> meta/recipes-connectivity/openssh/openssh_7.7p1.bb | 2 ++
> 2 files changed, 18 insertions(+)
> create mode 100644 meta/recipes-connectivity/openssh/openssh/sshd.service
>
> diff --git a/meta/recipes-connectivity/openssh/openssh/sshd.service b/meta/recipes-connectivity/openssh/openssh/sshd.service
> new file mode 100644
> index 0000000..eb87d32
> --- /dev/null
> +++ b/meta/recipes-connectivity/openssh/openssh/sshd.service
> @@ -0,0 +1,16 @@
> +[Unit]
> +Description=OpenSSH server daemon
> +Documentation=man:sshd(8) man:sshd_config(5)
> +After=network.target sshd-keygen.service
> +Wants=sshd-keygen.service
Where do you get the sshd-keygen service from? There is a
sshdgenkeys service (as can be seen below)...
> +
> +[Service]
> +EnvironmentFile=/etc/sysconfig/sshd
This does not match the current configuration in sshd at .service,
which uses /etc/default/ssh.
> +ExecStart=/usr/sbin/sshd -D $OPTIONS
> +ExecReload=/bin/kill -HUP $MAINPID
Don't use hardcoded paths. See example in sshd at .service how this
should be handled.
> +KillMode=process
> +Restart=on-failure
> +RestartSec=42s
> +
> +[Install]
> +WantedBy=multi-user.target
> diff --git a/meta/recipes-connectivity/openssh/openssh_7.7p1.bb b/meta/recipes-connectivity/openssh/openssh_7.7p1.bb
> index b3da5f6..def4062 100644
> --- a/meta/recipes-connectivity/openssh/openssh_7.7p1.bb
> +++ b/meta/recipes-connectivity/openssh/openssh_7.7p1.bb
> @@ -17,6 +17,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
> file://ssh_config \
> file://init \
> ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
> + file://sshd.service \
> file://sshd.socket \
> file://sshd@.service \
> file://sshdgenkeys.service \
> @@ -111,6 +112,7 @@ do_install_append () {
> echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
>
> install -d ${D}${systemd_unitdir}/system
> + install -c -m 0644 ${WORKDIR}/sshd.service ${D}${systemd_unitdir}/system
> install -c -m 0644 ${WORKDIR}/sshd.socket ${D}${systemd_unitdir}/system
> install -c -m 0644 ${WORKDIR}/sshd at .service ${D}${systemd_unitdir}/system
> install -c -m 0644 ${WORKDIR}/sshdgenkeys.service ${D}${systemd_unitdir}/system
> --
> 2.7.4
//Peter
More information about the Openembedded-core
mailing list