diff mbox series

[v2,3/3] package/openssh: add sd socket-activated ssh daemon services

Message ID 20200611091407.12688-4-nolange79@gmail.com
State Awaiting Upstream
Delegated to: Thomas Petazzoni
Headers show
Series [v2,1/3] package/openssh: improve integration for systemd | expand

Commit Message

Norbert Lange June 11, 2020, 9:14 a.m. UTC 
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
 package/openssh/openssh.mk               |  6 +++---
 package/openssh/sshd-host-keygen.service |  2 +-
 package/openssh/sshd.socket              | 11 +++++++++++
 package/openssh/sshd@.service            | 10 ++++++++++
 4 files changed, 25 insertions(+), 4 deletions(-)
 create mode 100644 package/openssh/sshd.socket
 create mode 100644 package/openssh/sshd@.service

Comments

Jérémy ROSEN June 11, 2020, 9:35 a.m. UTC | #1 
Reviewed-By Jérémy Rosen <jeremy.rosen@smile.fr>

(I think I didn't add my RB for that one..)

Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79@gmail.com> a écrit :

> Signed-off-by: Norbert Lange <nolange79@gmail.com>
> ---
>  package/openssh/openssh.mk               |  6 +++---
>  package/openssh/sshd-host-keygen.service |  2 +-
>  package/openssh/sshd.socket              | 11 +++++++++++
>  package/openssh/sshd@.service            | 10 ++++++++++
>  4 files changed, 25 insertions(+), 4 deletions(-)
>  create mode 100644 package/openssh/sshd.socket
>  create mode 100644 package/openssh/sshd@.service
>
> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
> index 1fcd957299..cbfe8f6f7d 100644
> --- a/package/openssh/openssh.mk
> +++ b/package/openssh/openssh.mk
> @@ -116,9 +116,9 @@ endef
>  OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS
>
>  define OPENSSH_INSTALL_INIT_SYSTEMD
> -       mkdir $(TARGET_DIR)/usr/lib/systemd/system
> -       $(INSTALL) -m 644 package/openssh/sshd*.service \
> -               $(TARGET_DIR)/usr/lib/systemd/system/
> +       mkdir -p $(TARGET_DIR)/usr/lib/systemd/system
> +       $(INSTALL) -m 644 package/openssh/sshd*.service
> package/openssh/sshd.socket \
> +               $(TARGET_DIR)/usr/lib/systemd/system/.
>         $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
>  endef
>
> diff --git a/package/openssh/sshd-host-keygen.service
> b/package/openssh/sshd-host-keygen.service
> index 2db1be16c4..0e071c9d8c 100644
> --- a/package/openssh/sshd-host-keygen.service
> +++ b/package/openssh/sshd-host-keygen.service
> @@ -20,4 +20,4 @@ Type=oneshot
>  RemainAfterExit=yes
>
>  [Install]
> -WantedBy=sshd.service
> +WantedBy=sshd.service sshd.socket
> diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket
> new file mode 100644
> index 0000000000..bbae9ed7aa
> --- /dev/null
> +++ b/package/openssh/sshd.socket
> @@ -0,0 +1,11 @@
> +[Unit]
> +Description=OpenBSD Secure Shell server socket
> +Before=sshd.service
> +Conflicts=sshd.service
> +
> +[Socket]
> +ListenStream=22
> +Accept=yes
> +
> +[Install]
> +WantedBy=sockets.target
> diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@.service
> new file mode 100644
> index 0000000000..b3a590d9a3
> --- /dev/null
> +++ b/package/openssh/sshd@.service
> @@ -0,0 +1,10 @@
> +[Unit]
> +Description=OpenBSD Secure Shell server per-connection daemon
> +Documentation=man:sshd(8) man:sshd_config(5)
> +After=auditd.service
> +
> +[Service]
> +ExecStart=-/usr/sbin/sshd -i
> +StandardInput=socket
> +RuntimeDirectory=sshd
> +RuntimeDirectoryMode=0755
> --
> 2.26.2
>
>
Norbert Lange June 11, 2020, 9:54 a.m. UTC | #2 
Jérémy ROSEN <jeremy.rosen@smile.fr> schrieb am Do., 11. Juni 2020, 11:35:

> Reviewed-By Jérémy Rosen <jeremy.rosen@smile.fr>
>
> (I think I didn't add my RB for that one..)
>
> Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79@gmail.com> a
> écrit :
>
>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>> ---
>>  package/openssh/openssh.mk               |  6 +++---
>>  package/openssh/sshd-host-keygen.service |  2 +-
>>  package/openssh/sshd.socket              | 11 +++++++++++
>>  package/openssh/sshd@.service            | 10 ++++++++++
>>  4 files changed, 25 insertions(+), 4 deletions(-)
>>  create mode 100644 package/openssh/sshd.socket
>>  create mode 100644 package/openssh/sshd@.service
>>
>> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
>> index 1fcd957299..cbfe8f6f7d 100644
>> --- a/package/openssh/openssh.mk
>> +++ b/package/openssh/openssh.mk
>> @@ -116,9 +116,9 @@ endef
>>  OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS
>>
>>  define OPENSSH_INSTALL_INIT_SYSTEMD
>> -       mkdir $(TARGET_DIR)/usr/lib/systemd/system
>> -       $(INSTALL) -m 644 package/openssh/sshd*.service \
>> -               $(TARGET_DIR)/usr/lib/systemd/system/
>> +       mkdir -p $(TARGET_DIR)/usr/lib/systemd/system
>> +       $(INSTALL) -m 644 package/openssh/sshd*.service
>> package/openssh/sshd.socket \
>> +               $(TARGET_DIR)/usr/lib/systemd/system/.
>>         $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
>>  endef
>>
>> diff --git a/package/openssh/sshd-host-keygen.service
>> b/package/openssh/sshd-host-keygen.service
>> index 2db1be16c4..0e071c9d8c 100644
>> --- a/package/openssh/sshd-host-keygen.service
>> +++ b/package/openssh/sshd-host-keygen.service
>> @@ -20,4 +20,4 @@ Type=oneshot
>>  RemainAfterExit=yes
>>
>>  [Install]
>> -WantedBy=sshd.service
>> +WantedBy=sshd.service sshd.socket
>> diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket
>> new file mode 100644
>> index 0000000000..bbae9ed7aa
>> --- /dev/null
>> +++ b/package/openssh/sshd.socket
>> @@ -0,0 +1,11 @@
>> +[Unit]
>> +Description=OpenBSD Secure Shell server socket
>> +Before=sshd.service
>> +Conflicts=sshd.service
>> +
>> +[Socket]
>> +ListenStream=22
>> +Accept=yes
>> +
>> +[Install]
>> +WantedBy=sockets.target
>> diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@
>> .service
>> new file mode 100644
>> index 0000000000..b3a590d9a3
>> --- /dev/null
>> +++ b/package/openssh/sshd@.service
>> @@ -0,0 +1,10 @@
>> +[Unit]
>> +Description=OpenBSD Secure Shell server per-connection daemon
>> +Documentation=man:sshd(8) man:sshd_config(5)
>> +After=auditd.service
>> +
>> +[Service]
>> +ExecStart=-/usr/sbin/sshd -i
>> +StandardInput=socket
>> +RuntimeDirectory=sshd
>> +RuntimeDirectoryMode=0755
>> --
>> 2.26.2
>>
>>
>
> --
> [image: SMILE]  <http://www.smile.eu/>
>
> 20 rue des Jardins
> 92600 Asnières-sur-Seine
> *Jérémy ROSEN*
> Architecte technique
>
> [image: email] jeremy.rosen@smile.fr
> [image: phone]  +33 6 88 25 87 42
> [image: url] http://www.smile.eu
>
> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
> <https://www.facebook.com/smileopensource> [image: LinkedIn]
> <https://www.linkedin.com/company/smile> [image: Github]
> <https://github.com/Smile-SA>
>
> [image: Découvrez l’univers Smile, rendez-vous sur smile.eu]
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>

No, but I thought that was intentional, as this patch doesn't have an
option to chose between singular sever and the socket activation mode.

Norbert

>
> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>
Jérémy ROSEN June 11, 2020, 1:39 p.m. UTC | #3 
Urgh
Thx for pointing that out. That's why I don't like mail-based workflows...

Anyway, I won't block the patch on that particular point, though I'd like
it addressed if possible....


Cheers
Jeremy


Le jeu. 11 juin 2020 à 11:54, Norbert Lange <nolange79@gmail.com> a écrit :

>
>
> Jérémy ROSEN <jeremy.rosen@smile.fr> schrieb am Do., 11. Juni 2020, 11:35:
>
>> Reviewed-By Jérémy Rosen <jeremy.rosen@smile.fr>
>>
>> (I think I didn't add my RB for that one..)
>>
>> Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79@gmail.com> a
>> écrit :
>>
>>> Signed-off-by: Norbert Lange <nolange79@gmail.com>
>>> ---
>>>  package/openssh/openssh.mk               |  6 +++---
>>>  package/openssh/sshd-host-keygen.service |  2 +-
>>>  package/openssh/sshd.socket              | 11 +++++++++++
>>>  package/openssh/sshd@.service            | 10 ++++++++++
>>>  4 files changed, 25 insertions(+), 4 deletions(-)
>>>  create mode 100644 package/openssh/sshd.socket
>>>  create mode 100644 package/openssh/sshd@.service
>>>
>>> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
>>> index 1fcd957299..cbfe8f6f7d 100644
>>> --- a/package/openssh/openssh.mk
>>> +++ b/package/openssh/openssh.mk
>>> @@ -116,9 +116,9 @@ endef
>>>  OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS
>>>
>>>  define OPENSSH_INSTALL_INIT_SYSTEMD
>>> -       mkdir $(TARGET_DIR)/usr/lib/systemd/system
>>> -       $(INSTALL) -m 644 package/openssh/sshd*.service \
>>> -               $(TARGET_DIR)/usr/lib/systemd/system/
>>> +       mkdir -p $(TARGET_DIR)/usr/lib/systemd/system
>>> +       $(INSTALL) -m 644 package/openssh/sshd*.service
>>> package/openssh/sshd.socket \
>>> +               $(TARGET_DIR)/usr/lib/systemd/system/.
>>>         $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
>>>  endef
>>>
>>> diff --git a/package/openssh/sshd-host-keygen.service
>>> b/package/openssh/sshd-host-keygen.service
>>> index 2db1be16c4..0e071c9d8c 100644
>>> --- a/package/openssh/sshd-host-keygen.service
>>> +++ b/package/openssh/sshd-host-keygen.service
>>> @@ -20,4 +20,4 @@ Type=oneshot
>>>  RemainAfterExit=yes
>>>
>>>  [Install]
>>> -WantedBy=sshd.service
>>> +WantedBy=sshd.service sshd.socket
>>> diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket
>>> new file mode 100644
>>> index 0000000000..bbae9ed7aa
>>> --- /dev/null
>>> +++ b/package/openssh/sshd.socket
>>> @@ -0,0 +1,11 @@
>>> +[Unit]
>>> +Description=OpenBSD Secure Shell server socket
>>> +Before=sshd.service
>>> +Conflicts=sshd.service
>>> +
>>> +[Socket]
>>> +ListenStream=22
>>> +Accept=yes
>>> +
>>> +[Install]
>>> +WantedBy=sockets.target
>>> diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@
>>> .service
>>> new file mode 100644
>>> index 0000000000..b3a590d9a3
>>> --- /dev/null
>>> +++ b/package/openssh/sshd@.service
>>> @@ -0,0 +1,10 @@
>>> +[Unit]
>>> +Description=OpenBSD Secure Shell server per-connection daemon
>>> +Documentation=man:sshd(8) man:sshd_config(5)
>>> +After=auditd.service
>>> +
>>> +[Service]
>>> +ExecStart=-/usr/sbin/sshd -i
>>> +StandardInput=socket
>>> +RuntimeDirectory=sshd
>>> +RuntimeDirectoryMode=0755
>>> --
>>> 2.26.2
>>>
>>>
>>
>> --
>> [image: SMILE]  <http://www.smile.eu/>
>>
>> 20 rue des Jardins
>> 92600 Asnières-sur-Seine
>> *Jérémy ROSEN*
>> Architecte technique
>>
>> [image: email] jeremy.rosen@smile.fr
>> [image: phone]  +33 6 88 25 87 42
>> [image: url] http://www.smile.eu
>>
>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>> <https://www.linkedin.com/company/smile> [image: Github]
>> <https://github.com/Smile-SA>
>>
>> [image: Découvrez l’univers Smile, rendez-vous sur smile.eu]
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
> No, but I thought that was intentional, as this patch doesn't have an
> option to chose between singular sever and the socket activation mode.
>
> Norbert
>
>>
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
diff mbox series

Patch

diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
index 1fcd957299..cbfe8f6f7d 100644
--- a/package/openssh/openssh.mk
+++ b/package/openssh/openssh.mk
@@ -116,9 +116,9 @@  endef
 OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS
 
 define OPENSSH_INSTALL_INIT_SYSTEMD
-	mkdir $(TARGET_DIR)/usr/lib/systemd/system
-	$(INSTALL) -m 644 package/openssh/sshd*.service \
-		$(TARGET_DIR)/usr/lib/systemd/system/
+	mkdir -p $(TARGET_DIR)/usr/lib/systemd/system
+	$(INSTALL) -m 644 package/openssh/sshd*.service package/openssh/sshd.socket \
+		$(TARGET_DIR)/usr/lib/systemd/system/.
 	$(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
 endef
 
diff --git a/package/openssh/sshd-host-keygen.service b/package/openssh/sshd-host-keygen.service
index 2db1be16c4..0e071c9d8c 100644
--- a/package/openssh/sshd-host-keygen.service
+++ b/package/openssh/sshd-host-keygen.service
@@ -20,4 +20,4 @@  Type=oneshot
 RemainAfterExit=yes
 
 [Install]
-WantedBy=sshd.service
+WantedBy=sshd.service sshd.socket
diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket
new file mode 100644
index 0000000000..bbae9ed7aa
--- /dev/null
+++ b/package/openssh/sshd.socket
@@ -0,0 +1,11 @@ 
+[Unit]
+Description=OpenBSD Secure Shell server socket
+Before=sshd.service
+Conflicts=sshd.service
+
+[Socket]
+ListenStream=22
+Accept=yes
+
+[Install]
+WantedBy=sockets.target
diff --git a/package/openssh/sshd@.service b/package/openssh/sshd@.service
new file mode 100644
index 0000000000..b3a590d9a3
--- /dev/null
+++ b/package/openssh/sshd@.service
@@ -0,0 +1,10 @@ 
+[Unit]
+Description=OpenBSD Secure Shell server per-connection daemon
+Documentation=man:sshd(8) man:sshd_config(5)
+After=auditd.service
+
+[Service]
+ExecStart=-/usr/sbin/sshd -i
+StandardInput=socket
+RuntimeDirectory=sshd
+RuntimeDirectoryMode=0755