From: Mike Makonnen
Date: Thu, 17 Jan 2002 20:45:09 -0800
Subject: Re: misc/34003: Hardcoded path for ssh-keygen in /etc/rc.network
To: freebsd-bugs@freebsd.org
Message-id: <200201180445.g0I4j9J01281@blackbox.pacbell.net>

On Thu, 17 Jan 2002 11:37:44 -0800 (PST)
"David P. Discher" wrote:

> >Environment:
> FreeBSD seven.dpdtech.com 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Thu Jan 17 12:23:54 CST 2002 root@seven.dpdtech.com:/build/src/sys/compile/borg_fbsd44_20020117a i386
>
> >Description:
> I found this awhile back, in the /etc/rc.network file, the path to ssh-keygen is hardcoded to /usr/bin/ssh-keygen. This causes problems when trying to upgrade to new versions of OpenSSH from the ports collections. This seems to be a slight oversight.
> snip..
> 2. Change the rc.conf $sshd_program, to $sshd_prefix. Then change /etc/rc and rc.network to use $sshd_prefix/sbin/sshd and $sshd_path/bin/ssh-keygen or similar.

I think the best way to handle this is with a separate $ssh_keygen_program line. If you're going to do it, might as well go all the way. Since you are using 4.4 Release I have included a diff against that release, and in case someone thinks this is worthy of committing, I've also included a patch against -current (the delta between -4.x and -current is too big for only one set of diffs).

David, please note that you will have to override the value of ssh_keygen_program in your local /etc/rc.conf.

cheers, mike makonnen 4.4-RELEASE: Index: etc/rc.network =================================================================== RCS file: /home/ncvs/src/etc/rc.network,v retrieving revision 1.74.2.23 diff -u -r1.74.2.23 rc.network --- etc/rc.network 17 Aug 2001 07:26:38 -0000 1.74.2.23 +++ etc/rc.network 18 Jan 2002 03:54:49 -0000 @@ -744,11 +744,13 @@ [Yy][Ee][Ss]) if [ ! -f /etc/ssh/ssh_host_key ]; then echo ' creating ssh RSA host key'; - /usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key + ${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" \ + -f /etc/ssh/ssh_host_key fi if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then echo ' creating ssh DSA host key'; - /usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key + ${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" \ + -f /etc/ssh/ssh_host_dsa_key fi ;; esac Index: etc/defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.53.2.39.2.1 diff -u -r1.53.2.39.2.1 rc.conf --- etc/defaults/rc.conf 14 Sep 2001 17:32:25 -0000 1.53.2.39.2.1 +++ etc/defaults/rc.conf 18 Jan 2002 03:53:09 -0000 @@ -165,6 +165,7 @@ sshd_enable="NO" # Enable sshd sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. sshd_flags="" # Additional flags for sshd. +ssh_keygen_program="/usr/bin/ssh-keygen" # path to ssh-keygen ### Network Time Services options: ### timed_enable="NO" # Run the time daemon (or NO). CURRENT: Index: rc.network =================================================================== RCS file: /home/ncvs/src/etc/rc.network,v retrieving revision 1.119 diff -u -r1.119 rc.network --- rc.network 13 Dec 2001 04:21:18 -0000 1.119 +++ rc.network 18 Jan 2002 03:24:28 -0000 
@@ -829,11 +829,13 @@ [Yy][Ee][Ss]) if [ ! -f /etc/ssh/ssh_host_key ]; then echo ' creating ssh RSA host key'; - /usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key + ${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" \ + -f /etc/ssh/ssh_host_key fi if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then echo ' creating ssh DSA host key'; - /usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key + ${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" \ + -f /etc/ssh/ssh_host_dsa_key fi ;; esac Index: defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.136 diff -u -r1.136 rc.conf --- defaults/rc.conf 29 Dec 2001 19:42:54 -0000 1.136 +++ defaults/rc.conf 18 Jan 2002 03:11:09 -0000 @@ -155,6 +155,7 @@ sshd_enable="NO" # Enable sshd sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. sshd_flags="" # Additional flags for sshd. +ssh_keygen_program="/usr/bin/ssh-keygen" # path to ssh-keygen ### Network daemon (NFS) Need all portmap_enable="YES" ### amd_enable="NO" # Run amd service with $amd_flags (or NO). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
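
Review bot: In the 4.4-RELEASE etc/rc.network hunk (@@ -744,11 +744,13 @@), both new invocations run ${ssh_keygen_program:-/usr/bin/ssh-keygen} without checking that the configured path exists and is executable. The variable exists so an administrator can point at a different binary, so a typo or a deinstalled port leaves the script echoing ' creating ssh RSA host key' while the command fails and no key is written under /etc/ssh. Suggest testing the path first, for example with [ -x "${ssh_keygen_program}" ], and printing a warning when the test fails. The expansion should also be double-quoted. Since this program generates the host private keys from the startup script, it is worth stating that the override must name a root-owned binary in a directory ordinary users cannot write to.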
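
Review bot: In the 4.4-RELEASE etc/defaults/rc.conf hunk (@@ -165,6 +165,7 @@), the comment on the added line, "# path to ssh-keygen", says less than the neighbouring sshd_program comment and does not tell the reader that the two settings are independent. Someone who overrides sshd_program to use a ports OpenSSH will still generate host keys with the base ssh-keygen unless they also set ssh_keygen_program, which is the situation the PR describes. Suggest wording along the lines of "path to ssh-keygen, set together with sshd_program if you want a different one".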
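
Review bot: In the -current rc.network hunk (@@ -829,11 +829,13 @@), the fallback /usr/bin/ssh-keygen is spelled out twice inside the ${ssh_keygen_program:-...} expansions and a third time as the default added to defaults/rc.conf, so the three copies can drift apart. The :- form only takes effect when the variable is unset or empty, so either drop the fallback and rely on the default from defaults/rc.conf, or assign it once at the top of the [Yy][Ee][Ss] arm and use the plain variable in both ssh-keygen calls. That would also remove the need for the backslash line continuations.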
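
Review bot: The -current defaults/rc.conf hunk (@@ -155,6 +155,7 @@) introduces a new user-visible knob, ssh_keygen_program, but neither patch set touches anything other than rc.network and defaults/rc.conf, so the variable is undocumented outside the one-line comment. Suggest adding an entry for it to the rc.conf manual page wherever sshd_program is described, including the default value and the fact that it is only consulted when a host key file is missing.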