Date: Sat, 13 Nov 2004 17:50:15 +0100 (CET) From: Oliver Lehmann <oliver@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Oliver Lehmann <oliver@FreeBSD.org> Subject: bin/73909: rc.d/sshd does not work with ports-ssh Message-ID: <200411131650.iADGoFQk055004@kartoffel.salatschuessel.net> Resent-Message-ID: <200411131650.iADGoRdG086964@freefall.freebsd.org>
>Number: 73909
>Category: bin
>Synopsis: rc.d/sshd does not work with ports-ssh
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Nov 13 16:50:27 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Oliver Lehmann
>Release: FreeBSD 4.10-STABLE i386
>Organization:
>Environment:
System: FreeBSD kartoffel.salatschuessel.net 4.10-STABLE FreeBSD 4.10-STABLE #0: Fri Jun 4 20:32:48 CEST 2004 olivleh1@kartoffel.salatschuessel.net:/usr/obj/usr/src/sys/KARTOFFEL i386
FreeBSD avocado.salatschuessel.net 5.3-STABLE FreeBSD 5.3-STABLE #1: Sat Nov 13 15:16:49 CET 2004 olivleh1@avocado.salatschuessel.net:/usr/obj/usr/src/sys/AVOCADO i386
>Description:
The script complains about a nonexistent /usr/sbin/ssh-keygen. That is
true, because it is installed in /usr/local/bin/ssh-keygen if I use sshd
from ports.
>How-To-Repeat:
don't install base-ssh and base-ssl
remove /etc/ssh
keep sshd_enable="YES" and sshd_program="/usr/local/sbin/sshd" in your rc.conf
run /etc/rc.d/sshd start
>Fix:
--- sshd.diff begins here ---
--- sshd.orig Sat Nov 13 17:30:12 2004
+++ sshd Sat Nov 13 17:41:16 2004
@@ -15,9 +15,18 @@
start_precmd="sshd_precmd"
pidfile="/var/run/${name}.pid"
extra_commands="keygen reload"
timeout=300
+get_prefix() {
+ PREFIX=${sshd_program%%/sbin/sshd}
+ if [ "$PREFIX" != "/usr" ] ; then
+ ETCDIR="$PREFIX/etc"
+ else
+ ETCDIR="/etc"
+ fi
+}
+
user_reseed()
{
(
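Review bot: get_prefix assumes sshd_program always ends in /sbin/sshd; when it does not, the `%%` strip removes nothing, PREFIX becomes the whole program path, and ETCDIR and the ssh-keygen path derived from it point at locations that do not exist. Matching the suffix explicitly and falling back to the base-system layout (presumably the right default, since that is what the script hard-coded before) keeps host-key generation predictable. As a style point, PREFIX and ETCDIR are set as globals under very generic names, so script-specific names would avoid clashing with a PREFIX already present in the environment.
```shell
get_prefix() {
	case "${sshd_program}" in
	*/sbin/sshd)
		PREFIX="${sshd_program%/sbin/sshd}"
		;;
	*)
		# sshd_program is not <prefix>/sbin/sshd; keep the base-system layout
		PREFIX="/usr"
		;;
	esac
	# … unchanged: ETCDIR selection from PREFIX …
}
```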
@@ -42,47 +50,49 @@
sshd_keygen()
{
+ get_prefix
(
umask 022
# Can't do anything if ssh is not installed
- [ -x /usr/bin/ssh-keygen ] || {
- warn "/usr/bin/ssh-keygen does not exist."
+ [ -x ${PREFIX}/bin/ssh-keygen ] || {
+ warn "${PREFIX}/bin/ssh-keygen does not exist."
return 1
}
- if [ -f /etc/ssh/ssh_host_key ]; then
+ if [ -f ${ETCDIR}/ssh/ssh_host_key ]; then
echo "You already have an RSA host key" \
- "in /etc/ssh/ssh_host_key"
+ "in ${ETCDIR}/ssh/ssh_host_key"
echo "Skipping protocol version 1 RSA Key Generation"
else
- /usr/bin/ssh-keygen -t rsa1 -b 1024 \
- -f /etc/ssh/ssh_host_key -N ''
+ ${PREFIX}/bin/ssh-keygen -t rsa1 -b 1024 \
+ -f ${ETCDIR}/ssh/ssh_host_key -N ''
fi
- if [ -f /etc/ssh/ssh_host_dsa_key ]; then
+ if [ -f ${ETCDIR}/ssh/ssh_host_dsa_key ]; then
echo "You already have a DSA host key" \
- "in /etc/ssh/ssh_host_dsa_key"
+ "in ${ETCDIR}/ssh/ssh_host_dsa_key"
echo "Skipping protocol version 2 DSA Key Generation"
else
- /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
+ ${PREFIX}/bin/ssh-keygen -t dsa -f ${ETCDIR}/ssh/ssh_host_dsa_key -N ''
fi
- if [ -f /etc/ssh/ssh_host_rsa_key ]; then
+ if [ -f ${ETCDIR}/ssh/ssh_host_rsa_key ]; then
echo "You already have a RSA host key" \
- "in /etc/ssh/ssh_host_rsa_key"
+ "in ${ETCDIR}/ssh/ssh_host_rsa_key"
echo "Skipping protocol version 2 RSA Key Generation"
else
- /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
+ ${PREFIX}/bin/ssh-keygen -t rsa -f ${ETCDIR}/ssh/ssh_host_rsa_key -N ''
fi
)
}
sshd_precmd()
{
- if [ ! -f /etc/ssh/ssh_host_key -o \
- ! -f /etc/ssh/ssh_host_dsa_key -o \
- ! -f /etc/ssh/ssh_host_rsa_key ]; then
+ get_prefix
+ if [ ! -f ${ETCDIR}/ssh/ssh_host_key -o \
+ ! -f ${ETCDIR}/ssh/ssh_host_dsa_key -o \
+ ! -f ${ETCDIR}/ssh/ssh_host_rsa_key ]; then
user_reseed
run_rc_command keygen
fi
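Review bot: The new `${PREFIX}` and `${ETCDIR}` expansions are unquoted in every `[ ... ]` test and ssh-keygen call in sshd_keygen and sshd_precmd. They now come from the rc.conf value sshd_program rather than from literals, so a value containing whitespace or glob characters would split the test arguments or the `-f` key path. Quote them, for example `[ -x "${PREFIX}/bin/ssh-keygen" ] || {` and `-f "${ETCDIR}/ssh/ssh_host_key" -N ''`. In sshd_precmd, three separate `[ ! -f "..." ]` tests joined with `||` would also be more robust than the `-o` form. sshd_precmd's body continues outside the hunk.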
--- sshd.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
