devel/openssh/sshd.init

#!/bin/bash
#
# sshd		Start up the OpenSSH server daemon
#
# chkconfig: 2345 55 25
# description: SSH is a protocol for secure remote shell access. \
#              This service starts up the OpenSSH server daemon.
#
# processname: sshd
# config: /etc/ssh/ssh_host_key
# config: /etc/ssh/ssh_host_key.pub
# config: /etc/ssh/ssh_random_seed
# config: /etc/ssh/sshd_config
# pidfile: /var/run/sshd.pid

### BEGIN INIT INFO
# Provides: sshd
# Required-Start: $local_fs $network $syslog
# Required-Stop: $local_fs $syslog
# Should-Start: $syslog
# Should-Stop: $network $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start up the OpenSSH server daemon
# Description:       SSH is a protocol for secure remote shell access.
#		     This service starts up the OpenSSH server daemon.
### END INIT INFO

# source function library
. /etc/rc.d/init.d/functions

# pull in sysconfig settings
[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd

RETVAL=0
prog="sshd"
lockfile=/var/lock/subsys/$prog

# Some functions to make the below more readable
KEYGEN=/usr/bin/ssh-keygen
SSHD=/usr/sbin/sshd
RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
PID_FILE=/var/run/sshd.pid

runlevel=$(set -- $(runlevel); eval "echo \$$#" )

do_rsa1_keygen() {
	if [ ! -s $RSA1_KEY ]; then
		echo -n $"Generating SSH1 RSA host key: "
		rm -f $RSA1_KEY
		if test ! -f $RSA1_KEY && $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
			chmod 600 $RSA1_KEY
			chmod 644 $RSA1_KEY.pub
			if [ -x /sbin/restorecon ]; then
			    /sbin/restorecon $RSA1_KEY.pub
			fi
			success $"RSA1 key generation"
			echo
		else
			failure $"RSA1 key generation"
			echo
			exit 1
		fi
	fi
}

do_rsa_keygen() {
	if [ ! -s $RSA_KEY ]; then
		echo -n $"Generating SSH2 RSA host key: "
		rm -f $RSA_KEY
		if test ! -f $RSA_KEY && $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
			chmod 600 $RSA_KEY
			chmod 644 $RSA_KEY.pub
			if [ -x /sbin/restorecon ]; then
			    /sbin/restorecon $RSA_KEY.pub
			fi
			success $"RSA key generation"
			echo
		else
			failure $"RSA key generation"
			echo
			exit 1
		fi
	fi
}

do_dsa_keygen() {
	if [ ! -s $DSA_KEY ]; then
		echo -n $"Generating SSH2 DSA host key: "
		rm -f $DSA_KEY
		if test ! -f $DSA_KEY && $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
			chmod 600 $DSA_KEY
			chmod 644 $DSA_KEY.pub
			if [ -x /sbin/restorecon ]; then
			    /sbin/restorecon $DSA_KEY.pub
			fi
			success $"DSA key generation"
			echo
		else
			failure $"DSA key generation"
			echo
			exit 1
		fi
	fi
}

do_restart_sanity_check()
{
	$SSHD -t
	RETVAL=$?
	if [ $RETVAL -ne  0 ]; then
		failure $"Configuration file or keys are invalid"
		echo
	fi
}

start()
{
	[ -x $SSHD ] || exit 5
	[ -f /etc/ssh/sshd_config ] || exit 6
	# Create keys if necessary
	if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
		do_rsa1_keygen
		do_rsa_keygen
		do_dsa_keygen
	fi

	echo -n $"Starting $prog: "
	$SSHD $OPTIONS && success || failure
	RETVAL=$?
	[ $RETVAL -eq 0 ] && touch $lockfile
	echo
	return $RETVAL
}

stop()
{
	echo -n $"Stopping $prog: "
	if [ -n "`pidfileofproc $SSHD`" ] ; then
	    killproc $SSHD
	else
	    failure $"Stopping $prog"
	fi
	RETVAL=$?
	# if we are in halt or reboot runlevel kill all running sessions
	# so the TCP connections are closed cleanly
	if [ "x$runlevel" = x0 -o "x$runlevel" = x6 ] ; then
	    trap '' TERM
	    killall $prog 2>/dev/null
	    trap TERM
	fi
	[ $RETVAL -eq 0 ] && rm -f $lockfile
	echo
}

reload()
{
	echo -n $"Reloading $prog: "
	if [ -n "`pidfileofproc $SSHD`" ] ; then
	    killproc $SSHD -HUP
	else
	    failure $"Reloading $prog"
	fi
	RETVAL=$?
	echo
}

restart() {
	stop
	start
}

force_reload() {
	restart
}

rh_status() {
	status -p $PID_FILE openssh-daemon
}

rh_status_q() {
	rh_status >/dev/null 2>&1
}

case "$1" in
	start)
		rh_status_q && exit 0
		start
		;;
	stop)
		if ! rh_status_q; then
			rm -f $lockfile
			exit 0
		fi
		stop
		;;
	restart)
		restart
		;;
	reload)
		rh_status_q || exit 7
		reload
		;;
	force-reload)
		force_reload
		;;
	condrestart|try-restart)
		rh_status_q || exit 0
		if [ -f $lockfile ] ; then
			do_restart_sanity_check
			if [ $RETVAL -eq 0 ] ; then
				stop
				# avoid race
				sleep 3
				start
			else
				RETVAL=6
			fi
		fi
		;;
	status)
		rh_status
		RETVAL=$?
		if [ $RETVAL -eq 3 -a -f $lockfile ] ; then
			RETVAL=2
		fi
		;;
	*)
		echo $"Usage: $0 {start|stop|restart|reload|force-reload|condrestart|try-restart|status}"
		RETVAL=2
esac
exit $RETVAL
1	#!/bin/bash
2	#
3	# sshd Start up the OpenSSH server daemon
4	#
5	# chkconfig: 2345 55 25
6	# description: SSH is a protocol for secure remote shell access. \
7	# This service starts up the OpenSSH server daemon.
8	#
9	# processname: sshd
10	# config: /etc/ssh/ssh_host_key
11	# config: /etc/ssh/ssh_host_key.pub
12	# config: /etc/ssh/ssh_random_seed
13	# config: /etc/ssh/sshd_config
14	# pidfile: /var/run/sshd.pid
15
16	### BEGIN INIT INFO
17	# Provides: sshd
18	# Required-Start: $local_fs $network $syslog
19	# Required-Stop: $local_fs $syslog
20	# Should-Start: $syslog
21	# Should-Stop: $network $syslog
22	# Default-Start: 2 3 4 5
23	# Default-Stop: 0 1 6
24	# Short-Description: Start up the OpenSSH server daemon
25	# Description: SSH is a protocol for secure remote shell access.
26	# This service starts up the OpenSSH server daemon.
27	### END INIT INFO
28
29	# source function library
30	. /etc/rc.d/init.d/functions
31
32	# pull in sysconfig settings
33	[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
34
35	RETVAL=0
36	prog="sshd"
37	lockfile=/var/lock/subsys/$prog
38
39	# Some functions to make the below more readable
40	KEYGEN=/usr/bin/ssh-keygen
41	SSHD=/usr/sbin/sshd
42	RSA1_KEY=/etc/ssh/ssh_host_key
43	RSA_KEY=/etc/ssh/ssh_host_rsa_key
44	DSA_KEY=/etc/ssh/ssh_host_dsa_key
45	PID_FILE=/var/run/sshd.pid
46
47	runlevel=$(set -- $(runlevel); eval "echo \$$#" )
48
49	do_rsa1_keygen() {
50	if [ ! -s $RSA1_KEY ]; then
51	echo -n $"Generating SSH1 RSA host key: "
52	rm -f $RSA1_KEY
53	if test ! -f $RSA1_KEY && $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
54	chmod 600 $RSA1_KEY
55	chmod 644 $RSA1_KEY.pub
56	if [ -x /sbin/restorecon ]; then
57	/sbin/restorecon $RSA1_KEY.pub
58	fi
59	success $"RSA1 key generation"
60	echo
61	else
62	failure $"RSA1 key generation"
63	echo
64	exit 1
65	fi
66	fi
67	}
68
69	do_rsa_keygen() {
70	if [ ! -s $RSA_KEY ]; then
71	echo -n $"Generating SSH2 RSA host key: "
72	rm -f $RSA_KEY
73	if test ! -f $RSA_KEY && $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
74	chmod 600 $RSA_KEY
75	chmod 644 $RSA_KEY.pub
76	if [ -x /sbin/restorecon ]; then
77	/sbin/restorecon $RSA_KEY.pub
78	fi
79	success $"RSA key generation"
80	echo
81	else
82	failure $"RSA key generation"
83	echo
84	exit 1
85	fi
86	fi
87	}
88
89	do_dsa_keygen() {
90	if [ ! -s $DSA_KEY ]; then
91	echo -n $"Generating SSH2 DSA host key: "
92	rm -f $DSA_KEY
93	if test ! -f $DSA_KEY && $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
94	chmod 600 $DSA_KEY
95	chmod 644 $DSA_KEY.pub
96	if [ -x /sbin/restorecon ]; then
97	/sbin/restorecon $DSA_KEY.pub
98	fi
99	success $"DSA key generation"
100	echo
101	else
102	failure $"DSA key generation"
103	echo
104	exit 1
105	fi
106	fi
107	}
108
109	do_restart_sanity_check()
110	{
111	$SSHD -t
112	RETVAL=$?
113	if [ $RETVAL -ne 0 ]; then
114	failure $"Configuration file or keys are invalid"
115	echo
116	fi
117	}
118
119	start()
120	{
121	[ -x $SSHD ] \|\| exit 5
122	[ -f /etc/ssh/sshd_config ] \|\| exit 6
123	# Create keys if necessary
124	if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
125	do_rsa1_keygen
126	do_rsa_keygen
127	do_dsa_keygen
128	fi
129
130	echo -n $"Starting $prog: "
131	$SSHD $OPTIONS && success \|\| failure
132	RETVAL=$?
133	[ $RETVAL -eq 0 ] && touch $lockfile
134	echo
135	return $RETVAL
136	}
137
138	stop()
139	{
140	echo -n $"Stopping $prog: "
141	if [ -n "`pidfileofproc $SSHD`" ] ; then
142	killproc $SSHD
143	else
144	failure $"Stopping $prog"
145	fi
146	RETVAL=$?
147	# if we are in halt or reboot runlevel kill all running sessions
148	# so the TCP connections are closed cleanly
149	if [ "x$runlevel" = x0 -o "x$runlevel" = x6 ] ; then
150	trap '' TERM
151	killall $prog 2>/dev/null
152	trap TERM
153	fi
154	[ $RETVAL -eq 0 ] && rm -f $lockfile
155	echo
156	}
157
158	reload()
159	{
160	echo -n $"Reloading $prog: "
161	if [ -n "`pidfileofproc $SSHD`" ] ; then
162	killproc $SSHD -HUP
163	else
164	failure $"Reloading $prog"
165	fi
166	RETVAL=$?
167	echo
168	}
169
170	restart() {
171	stop
172	start
173	}
174
175	force_reload() {
176	restart
177	}
178
179	rh_status() {
180	status -p $PID_FILE openssh-daemon
181	}
182
183	rh_status_q() {
184	rh_status >/dev/null 2>&1
185	}
186
187	case "$1" in
188	start)
189	rh_status_q && exit 0
190	start
191	;;
192	stop)
193	if ! rh_status_q; then
194	rm -f $lockfile
195	exit 0
196	fi
197	stop
198	;;
199	restart)
200	restart
201	;;
202	reload)
203	rh_status_q \|\| exit 7
204	reload
205	;;
206	force-reload)
207	force_reload
208	;;
209	condrestart\|try-restart)
210	rh_status_q \|\| exit 0
211	if [ -f $lockfile ] ; then
212	do_restart_sanity_check
213	if [ $RETVAL -eq 0 ] ; then
214	stop
215	# avoid race
216	sleep 3
217	start
218	else
219	RETVAL=6
220	fi
221	fi
222	;;
223	status)
224	rh_status
225	RETVAL=$?
226	if [ $RETVAL -eq 3 -a -f $lockfile ] ; then
227	RETVAL=2
228	fi
229	;;
230	*)
231	echo $"Usage: $0 {start\|stop\|restart\|reload\|force-reload\|condrestart\|try-restart\|status}"
232	RETVAL=2
233	esac
234	exit $RETVAL
admin@fedoraproject.org	ViewVC Help
Powered by ViewVC 1.1.2