[OE-core] [PATCH 1/4] openssh: Package server configuration

David Vincent Mon, 23 Jan 2017 06:56:34 -0800

Split sshd configuration for read-write/read-only rootfs in two distinct
packages. Also, add a package dependency between openssh-sshd package
and a provider of sshd-config.


Signed-off-by: David Vincent <freesili...@gmail.com>
---
 meta/recipes-connectivity/openssh/openssh_7.3p1.bb | 47 ++++++++++++++++++----
 1 file changed, 40 insertions(+), 7 deletions(-)

diff --git a/meta/recipes-connectivity/openssh/openssh_7.3p1.bb 
b/meta/recipes-connectivity/openssh/openssh_7.3p1.bb
index 94eb0ed208..c02bb7d450 100644
--- a/meta/recipes-connectivity/openssh/openssh_7.3p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_7.3p1.bb
@@ -92,13 +92,17 @@ do_compile_ptest() {
 }
 
 do_install_append () {
+       # Create default config files
+       install -m 0644 ${D}${sysconfdir}/ssh/sshd_config 
${D}${sysconfdir}/ssh/sshd_config_default
+       rm -f ${D}${sysconfdir}/ssh/sshd_config
+
        if [ "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = 
"pam" ]; then
                install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
-               sed -i -e 's:#UsePAM no:UsePAM yes:' 
${D}${sysconfdir}/ssh/sshd_config
+               sed -i -e 's:#UsePAM no:UsePAM yes:' 
${D}${sysconfdir}/ssh/sshd_config_default
        fi
 
        if [ "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}" = 
"x11" ]; then
-               sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' 
${D}${sysconfdir}/ssh/sshd_config
+               sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' 
${D}${sysconfdir}/ssh/sshd_config_default
        fi
 
        install -d ${D}${sysconfdir}/init.d
@@ -111,7 +115,7 @@ do_install_append () {
 
        # Create config files for read-only rootfs
        install -d ${D}${sysconfdir}/ssh
-       install -m 644 ${D}${sysconfdir}/ssh/sshd_config 
${D}${sysconfdir}/ssh/sshd_config_readonly
+       install -m 644 ${D}${sysconfdir}/ssh/sshd_config_default 
${D}${sysconfdir}/ssh/sshd_config_readonly
        sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly
        echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> 
${D}${sysconfdir}/ssh/sshd_config_readonly
        echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> 
${D}${sysconfdir}/ssh/sshd_config_readonly
@@ -135,30 +139,59 @@ do_install_ptest () {
 
 ALLOW_EMPTY_${PN} = "1"
 
-PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-sftp ${PN}-misc 
${PN}-sftp-server"
+PACKAGES =+ "${PN}-keygen ${PN}-scp ${PN}-ssh ${PN}-sshd-config 
${PN}-sshd-config-readonly ${PN}-sshd ${PN}-sftp ${PN}-misc ${PN}-sftp-server"
 FILES_${PN}-scp = "${bindir}/scp.${BPN}"
 FILES_${PN}-ssh = "${bindir}/ssh.${BPN} ${sysconfdir}/ssh/ssh_config"
+FILES_${PN}-sshd-config = "${sysconfdir}/ssh/sshd_config_default"
+FILES_${PN}-sshd-config-readonly = "${sysconfdir}/ssh/sshd_config_readonly"
 FILES_${PN}-sshd = "${sbindir}/sshd ${sysconfdir}/init.d/sshd 
${systemd_unitdir}/system"
-FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli ${sysconfdir}/ssh/sshd_config 
${sysconfdir}/ssh/sshd_config_readonly ${sysconfdir}/default/volatiles/99_sshd 
${sysconfdir}/pam.d/sshd"
+FILES_${PN}-sshd += "${sysconfdir}/ssh/moduli 
${sysconfdir}/default/volatiles/99_sshd ${sysconfdir}/pam.d/sshd"
 FILES_${PN}-sftp = "${bindir}/sftp"
 FILES_${PN}-sftp-server = "${libexecdir}/sftp-server"
 FILES_${PN}-misc = "${bindir}/ssh* ${libexecdir}/ssh*"
 FILES_${PN}-keygen = "${bindir}/ssh-keygen"
 
 RDEPENDS_${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen"
-RDEPENDS_${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 
'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
+RDEPENDS_${PN}-sshd += "${PN}-keygen sshd-config 
${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit 
pam-plugin-loginuid', '', d)}"
 RDEPENDS_${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make"
 
 RPROVIDES_${PN}-ssh = "ssh"
+RPROVIDES_${PN}-sshd-config = "sshd-config"
+RPROVIDES_${PN}-sshd-config-readonly = "sshd-config"
 RPROVIDES_${PN}-sshd = "sshd"
 
 RCONFLICTS_${PN} = "dropbear"
+RCONFLICTS_${PN}-sshd-config = "${PN}-sshd-config-readonly"
+RCONFLICTS_${PN}-sshd-config-readonly = "${PN}-sshd-config"
 RCONFLICTS_${PN}-sshd = "dropbear"
 RCONFLICTS_${PN}-keygen = "ssh-keygen"
 
-CONFFILES_${PN}-sshd = "${sysconfdir}/ssh/sshd_config"
+CONFFILES_${PN}-sshd-config = "${sysconfdir}/ssh/sshd_config_default"
+CONFFILES_${PN}-sshd-config-readonly = "${sysconfdir}/ssh/sshd_config_readonly"
 CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config"
 
+pkg_postinst_${PN}-sshd-config () {
+#!/bin/sh
+if [ -e $D${sysconfdir}/ssh/sshd_config ]; then
+    rm $D${sysconfdir}/ssh/sshd_config
+fi
+
+# Make sure destination directory exists, before creating the symlink
+mkdir -p $D${sysconfdir}/ssh
+ln -s sshd_config_default $D${sysconfdir}/ssh/sshd_config
+}
+
+pkg_postinst_${PN}-sshd-config-readonly () {
+#!/bin/sh
+if [ -e $D${sysconfdir}/ssh/sshd_config ]; then
+    rm $D${sysconfdir}/ssh/sshd_config
+fi
+
+# Make sure destination directory exists, before creating the symlink
+mkdir -p $D${sysconfdir}/ssh
+ln -s sshd_config_readonly $D${sysconfdir}/ssh/sshd_config
+}
+
 ALTERNATIVE_PRIORITY = "90"
 ALTERNATIVE_${PN}-scp = "scp"
 ALTERNATIVE_${PN}-ssh = "ssh"
-- 
2.11.0

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/4] openssh: Package server configuration

Reply via email to