From owner-freebsd-bugs Tue Nov 27 8: 0:18 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 06EDF37B405 for ; Tue, 27 Nov 2001 08:00:04 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id fARG03543704; Tue, 27 Nov 2001 08:00:03 -0800 (PST) (envelope-from gnats) Date: Tue, 27 Nov 2001 08:00:03 -0800 (PST) Message-Id: <200111271600.fARG03543704@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Makoto Matsushita Subject: Re: conf/32288: After install: /etc/rc complains if crypto is not installed Reply-To: Makoto Matsushita Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR conf/32288; it has been noted by GNATS. From: Makoto Matsushita To: FreeBSD-gnats-submit@freebsd.org Cc: Dag-Erling Smorgrav Subject: Re: conf/32288: After install: /etc/rc complains if crypto is not installed Date: Wed, 28 Nov 2001 00:57:36 +0900 des> In addition, rc.network should check for the existence and des> executability of ssh-keygen, which should probably be des> parametrized. How about this patch? Logic is changed to: if ${sshd_enable} is YES if ${ssh_keygen_program} is not executable ssh_keygen_enable=NO if ${ssh_keygen_enable} is YES (create keys as before) ssh_keygen_enable is set to "YES", and ssh_keygen_program is set to "/usr/bin/ssh-keygen" to keep the behavior of current rc.network. If a user doesn't install 'crypto' distribution, /usr/bin/ssh-keygen is not available so ssh_keygen_enable turn to 'NO'. BTW, I don't like this patch, the ssh-keygen line is too long... -- - Makoto `MAR' Matsushita Index: rc.network =================================================================== RCS file: /home/ncvs/src/etc/rc.network,v retrieving revision 1.115 diff -u -r1.115 rc.network --- rc.network 24 Nov 2001 23:41:32 -0000 1.115 +++ rc.network 27 Nov 2001 15:48:52 -0000 @@ -814,14 +814,21 @@ case ${sshd_enable} in [Yy][Ee][Ss]) - if [ ! -f /etc/ssh/ssh_host_key ]; then - echo ' creating ssh RSA host key'; - /usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key - fi - if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then - echo ' creating ssh DSA host key'; - /usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key + if [ ! -x ${ssh_keygen_program:-/usr/bin/ssh-keygen} ]; then + ssh_keygen_enable="NO" fi + case ${ssh_keygen_enable} in + [Yy][Ee][Ss]) + if [ ! -f /etc/ssh/ssh_host_key ]; then + echo ' creating ssh RSA host key'; + ${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" -f /etc/ssh/ssh_host_key + fi + if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then + echo ' creating ssh DSA host key'; + ${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" -f /etc/ssh/ssh_host_dsa_key + fi + ;; + esac ;; esac Index: defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.132 diff -u -r1.132 rc.conf --- defaults/rc.conf 24 Nov 2001 16:12:03 -0000 1.132 +++ defaults/rc.conf 27 Nov 2001 15:48:53 -0000 @@ -153,6 +153,8 @@ sshd_enable="NO" # Enable sshd sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. sshd_flags="" # Additional flags for sshd. +ssh_keygen_enable="YES" # Create sshd host keys if not exist. +ssh_keygen_program="/usr/bin/ssh-keygen" # Create sshd host keys if not exist. ### Network daemon (NFS) Need all portmap_enable="YES" ### amd_enable="NO" # Run amd service with $amd_flags (or NO). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message