Message ID | 20200611091407.12688-4-nolange79@gmail.com |
---|---|
State | Awaiting Upstream |
Delegated to: | Thomas Petazzoni |
Headers | show |
Series | [v2,1/3] package/openssh: improve integration for systemd | expand |
Reviewed-By Jérémy Rosen <jeremy.rosen@smile.fr> (I think I didn't add my RB for that one..) Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79@gmail.com> a écrit : > Signed-off-by: Norbert Lange <nolange79@gmail.com> > --- > package/openssh/openssh.mk | 6 +++--- > package/openssh/sshd-host-keygen.service | 2 +- > package/openssh/sshd.socket | 11 +++++++++++ > package/openssh/sshd@.service | 10 ++++++++++ > 4 files changed, 25 insertions(+), 4 deletions(-) > create mode 100644 package/openssh/sshd.socket > create mode 100644 package/openssh/sshd@.service > > diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk > index 1fcd957299..cbfe8f6f7d 100644 > --- a/package/openssh/openssh.mk > +++ b/package/openssh/openssh.mk > @@ -116,9 +116,9 @@ endef > OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS > > define OPENSSH_INSTALL_INIT_SYSTEMD > - mkdir $(TARGET_DIR)/usr/lib/systemd/system > - $(INSTALL) -m 644 package/openssh/sshd*.service \ > - $(TARGET_DIR)/usr/lib/systemd/system/ > + mkdir -p $(TARGET_DIR)/usr/lib/systemd/system > + $(INSTALL) -m 644 package/openssh/sshd*.service > package/openssh/sshd.socket \ > + $(TARGET_DIR)/usr/lib/systemd/system/. > $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) > endef > > diff --git a/package/openssh/sshd-host-keygen.service > b/package/openssh/sshd-host-keygen.service > index 2db1be16c4..0e071c9d8c 100644 > --- a/package/openssh/sshd-host-keygen.service > +++ b/package/openssh/sshd-host-keygen.service > @@ -20,4 +20,4 @@ Type=oneshot > RemainAfterExit=yes > > [Install] > -WantedBy=sshd.service > +WantedBy=sshd.service sshd.socket > diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket > new file mode 100644 > index 0000000000..bbae9ed7aa > --- /dev/null > +++ b/package/openssh/sshd.socket > @@ -0,0 +1,11 @@ > +[Unit] > +Description=OpenBSD Secure Shell server socket > +Before=sshd.service > +Conflicts=sshd.service > + > +[Socket] > +ListenStream=22 > +Accept=yes > + > +[Install] > +WantedBy=sockets.target > diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@.service > new file mode 100644 > index 0000000000..b3a590d9a3 > --- /dev/null > +++ b/package/openssh/sshd@.service > @@ -0,0 +1,10 @@ > +[Unit] > +Description=OpenBSD Secure Shell server per-connection daemon > +Documentation=man:sshd(8) man:sshd_config(5) > +After=auditd.service > + > +[Service] > +ExecStart=-/usr/sbin/sshd -i > +StandardInput=socket > +RuntimeDirectory=sshd > +RuntimeDirectoryMode=0755 > -- > 2.26.2 > >
Jérémy ROSEN <jeremy.rosen@smile.fr> schrieb am Do., 11. Juni 2020, 11:35: > Reviewed-By Jérémy Rosen <jeremy.rosen@smile.fr> > > (I think I didn't add my RB for that one..) > > Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79@gmail.com> a > écrit : > >> Signed-off-by: Norbert Lange <nolange79@gmail.com> >> --- >> package/openssh/openssh.mk | 6 +++--- >> package/openssh/sshd-host-keygen.service | 2 +- >> package/openssh/sshd.socket | 11 +++++++++++ >> package/openssh/sshd@.service | 10 ++++++++++ >> 4 files changed, 25 insertions(+), 4 deletions(-) >> create mode 100644 package/openssh/sshd.socket >> create mode 100644 package/openssh/sshd@.service >> >> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk >> index 1fcd957299..cbfe8f6f7d 100644 >> --- a/package/openssh/openssh.mk >> +++ b/package/openssh/openssh.mk >> @@ -116,9 +116,9 @@ endef >> OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS >> >> define OPENSSH_INSTALL_INIT_SYSTEMD >> - mkdir $(TARGET_DIR)/usr/lib/systemd/system >> - $(INSTALL) -m 644 package/openssh/sshd*.service \ >> - $(TARGET_DIR)/usr/lib/systemd/system/ >> + mkdir -p $(TARGET_DIR)/usr/lib/systemd/system >> + $(INSTALL) -m 644 package/openssh/sshd*.service >> package/openssh/sshd.socket \ >> + $(TARGET_DIR)/usr/lib/systemd/system/. >> $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) >> endef >> >> diff --git a/package/openssh/sshd-host-keygen.service >> b/package/openssh/sshd-host-keygen.service >> index 2db1be16c4..0e071c9d8c 100644 >> --- a/package/openssh/sshd-host-keygen.service >> +++ b/package/openssh/sshd-host-keygen.service >> @@ -20,4 +20,4 @@ Type=oneshot >> RemainAfterExit=yes >> >> [Install] >> -WantedBy=sshd.service >> +WantedBy=sshd.service sshd.socket >> diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket >> new file mode 100644 >> index 0000000000..bbae9ed7aa >> --- /dev/null >> +++ b/package/openssh/sshd.socket >> @@ -0,0 +1,11 @@ >> +[Unit] >> +Description=OpenBSD Secure Shell server socket >> +Before=sshd.service >> +Conflicts=sshd.service >> + >> +[Socket] >> +ListenStream=22 >> +Accept=yes >> + >> +[Install] >> +WantedBy=sockets.target >> diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@ >> .service >> new file mode 100644 >> index 0000000000..b3a590d9a3 >> --- /dev/null >> +++ b/package/openssh/sshd@.service >> @@ -0,0 +1,10 @@ >> +[Unit] >> +Description=OpenBSD Secure Shell server per-connection daemon >> +Documentation=man:sshd(8) man:sshd_config(5) >> +After=auditd.service >> + >> +[Service] >> +ExecStart=-/usr/sbin/sshd -i >> +StandardInput=socket >> +RuntimeDirectory=sshd >> +RuntimeDirectoryMode=0755 >> -- >> 2.26.2 >> >> > > -- > [image: SMILE] <http://www.smile.eu/> > > 20 rue des Jardins > 92600 Asnières-sur-Seine > *Jérémy ROSEN* > Architecte technique > > [image: email] jeremy.rosen@smile.fr > [image: phone] +33 6 88 25 87 42 > [image: url] http://www.smile.eu > > [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook] > <https://www.facebook.com/smileopensource> [image: LinkedIn] > <https://www.linkedin.com/company/smile> [image: Github] > <https://github.com/Smile-SA> > > [image: Découvrez l’univers Smile, rendez-vous sur smile.eu] > <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature> > No, but I thought that was intentional, as this patch doesn't have an option to chose between singular sever and the socket activation mode. Norbert > > <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature> >
Urgh Thx for pointing that out. That's why I don't like mail-based workflows... Anyway, I won't block the patch on that particular point, though I'd like it addressed if possible.... Cheers Jeremy Le jeu. 11 juin 2020 à 11:54, Norbert Lange <nolange79@gmail.com> a écrit : > > > Jérémy ROSEN <jeremy.rosen@smile.fr> schrieb am Do., 11. Juni 2020, 11:35: > >> Reviewed-By Jérémy Rosen <jeremy.rosen@smile.fr> >> >> (I think I didn't add my RB for that one..) >> >> Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79@gmail.com> a >> écrit : >> >>> Signed-off-by: Norbert Lange <nolange79@gmail.com> >>> --- >>> package/openssh/openssh.mk | 6 +++--- >>> package/openssh/sshd-host-keygen.service | 2 +- >>> package/openssh/sshd.socket | 11 +++++++++++ >>> package/openssh/sshd@.service | 10 ++++++++++ >>> 4 files changed, 25 insertions(+), 4 deletions(-) >>> create mode 100644 package/openssh/sshd.socket >>> create mode 100644 package/openssh/sshd@.service >>> >>> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk >>> index 1fcd957299..cbfe8f6f7d 100644 >>> --- a/package/openssh/openssh.mk >>> +++ b/package/openssh/openssh.mk >>> @@ -116,9 +116,9 @@ endef >>> OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS >>> >>> define OPENSSH_INSTALL_INIT_SYSTEMD >>> - mkdir $(TARGET_DIR)/usr/lib/systemd/system >>> - $(INSTALL) -m 644 package/openssh/sshd*.service \ >>> - $(TARGET_DIR)/usr/lib/systemd/system/ >>> + mkdir -p $(TARGET_DIR)/usr/lib/systemd/system >>> + $(INSTALL) -m 644 package/openssh/sshd*.service >>> package/openssh/sshd.socket \ >>> + $(TARGET_DIR)/usr/lib/systemd/system/. >>> $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) >>> endef >>> >>> diff --git a/package/openssh/sshd-host-keygen.service >>> b/package/openssh/sshd-host-keygen.service >>> index 2db1be16c4..0e071c9d8c 100644 >>> --- a/package/openssh/sshd-host-keygen.service >>> +++ b/package/openssh/sshd-host-keygen.service >>> @@ -20,4 +20,4 @@ Type=oneshot >>> RemainAfterExit=yes >>> >>> [Install] >>> -WantedBy=sshd.service >>> +WantedBy=sshd.service sshd.socket >>> diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket >>> new file mode 100644 >>> index 0000000000..bbae9ed7aa >>> --- /dev/null >>> +++ b/package/openssh/sshd.socket >>> @@ -0,0 +1,11 @@ >>> +[Unit] >>> +Description=OpenBSD Secure Shell server socket >>> +Before=sshd.service >>> +Conflicts=sshd.service >>> + >>> +[Socket] >>> +ListenStream=22 >>> +Accept=yes >>> + >>> +[Install] >>> +WantedBy=sockets.target >>> diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@ >>> .service >>> new file mode 100644 >>> index 0000000000..b3a590d9a3 >>> --- /dev/null >>> +++ b/package/openssh/sshd@.service >>> @@ -0,0 +1,10 @@ >>> +[Unit] >>> +Description=OpenBSD Secure Shell server per-connection daemon >>> +Documentation=man:sshd(8) man:sshd_config(5) >>> +After=auditd.service >>> + >>> +[Service] >>> +ExecStart=-/usr/sbin/sshd -i >>> +StandardInput=socket >>> +RuntimeDirectory=sshd >>> +RuntimeDirectoryMode=0755 >>> -- >>> 2.26.2 >>> >>> >> >> -- >> [image: SMILE] <http://www.smile.eu/> >> >> 20 rue des Jardins >> 92600 Asnières-sur-Seine >> *Jérémy ROSEN* >> Architecte technique >> >> [image: email] jeremy.rosen@smile.fr >> [image: phone] +33 6 88 25 87 42 >> [image: url] http://www.smile.eu >> >> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook] >> <https://www.facebook.com/smileopensource> [image: LinkedIn] >> <https://www.linkedin.com/company/smile> [image: Github] >> <https://github.com/Smile-SA> >> >> [image: Découvrez l’univers Smile, rendez-vous sur smile.eu] >> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature> >> > > No, but I thought that was intentional, as this patch doesn't have an > option to chose between singular sever and the socket activation mode. > > Norbert > >> >> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature> >> >
diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk index 1fcd957299..cbfe8f6f7d 100644 --- a/package/openssh/openssh.mk +++ b/package/openssh/openssh.mk @@ -116,9 +116,9 @@ endef OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS define OPENSSH_INSTALL_INIT_SYSTEMD - mkdir $(TARGET_DIR)/usr/lib/systemd/system - $(INSTALL) -m 644 package/openssh/sshd*.service \ - $(TARGET_DIR)/usr/lib/systemd/system/ + mkdir -p $(TARGET_DIR)/usr/lib/systemd/system + $(INSTALL) -m 644 package/openssh/sshd*.service package/openssh/sshd.socket \ + $(TARGET_DIR)/usr/lib/systemd/system/. $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS) endef diff --git a/package/openssh/sshd-host-keygen.service b/package/openssh/sshd-host-keygen.service index 2db1be16c4..0e071c9d8c 100644 --- a/package/openssh/sshd-host-keygen.service +++ b/package/openssh/sshd-host-keygen.service @@ -20,4 +20,4 @@ Type=oneshot RemainAfterExit=yes [Install] -WantedBy=sshd.service +WantedBy=sshd.service sshd.socket diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket new file mode 100644 index 0000000000..bbae9ed7aa --- /dev/null +++ b/package/openssh/sshd.socket @@ -0,0 +1,11 @@ +[Unit] +Description=OpenBSD Secure Shell server socket +Before=sshd.service +Conflicts=sshd.service + +[Socket] +ListenStream=22 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@.service new file mode 100644 index 0000000000..b3a590d9a3 --- /dev/null +++ b/package/openssh/sshd@.service @@ -0,0 +1,10 @@ +[Unit] +Description=OpenBSD Secure Shell server per-connection daemon +Documentation=man:sshd(8) man:sshd_config(5) +After=auditd.service + +[Service] +ExecStart=-/usr/sbin/sshd -i +StandardInput=socket +RuntimeDirectory=sshd +RuntimeDirectoryMode=0755
Signed-off-by: Norbert Lange <nolange79@gmail.com> --- package/openssh/openssh.mk | 6 +++--- package/openssh/sshd-host-keygen.service | 2 +- package/openssh/sshd.socket | 11 +++++++++++ package/openssh/sshd@.service | 10 ++++++++++ 4 files changed, 25 insertions(+), 4 deletions(-) create mode 100644 package/openssh/sshd.socket create mode 100644 package/openssh/sshd@.service