CirrOS

Merge lp:~hughsaunders/cirros/dropbearinit into lp:cirros

  1. dropbearinit
  2. Merge into trunk
Proposed by Hugh Saunders
Status: Merged
Merged at revision: 366
Proposed branch: lp:~hughsaunders/cirros/dropbearinit
Merge into: lp:cirros
Diff against target: 130 lines (+70/-29)
4 files modified
patches-buildroot/dropbear-init-generate-keys.patch (+0/-27)
patches-buildroot/series (+0/-1)
src/etc/init.d/S50dropbear (+68/-0)
src/etc/init.d/resizefs (+2/-1)
To merge this branch: bzr merge lp:~hughsaunders/cirros/dropbearinit
Reviewer Review Type Date Requested Status
Scott Moser Pending
Review via email: mp+291895@code.launchpad.net

Description of the change

An alternative approach to https://code.launchpad.net/~hughsaunders/cirros/dropbearkey/+merge/290888

Instead of updating the patch for the dropbear init script, carry the whole script. Also moves resizefs to before dropbear in rc3.d.

To post a comment you must log in.
Revision history for this message
Hugh Saunders (hughsaunders) wrote :

More code but at least the diff makes sense :/

Revision history for this message
Scott Moser (smoser) wrote :

we shouldnt be *so* tight that we can't write a few key files.
so i'd rather not put the resize change in place.
I realize background resize is possibly odd, but without knowing that we can resize -> 10G in sub-second, i'm not itnerested in blocking on it.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== removed file 'patches-buildroot/dropbear-init-generate-keys.patch'
--- patches-buildroot/dropbear-init-generate-keys.patch 2015-05-28 01:28:20 +0000
+++ patches-buildroot/dropbear-init-generate-keys.patch 1970-01-01 00:00:00 +0000
@@ -1,27 +0,0 @@
1generate keys in dropbear sysvinit script
2
3buildroot upstream now uses '-R' to get their keys generated
4which is to generate them on the fly. We'd rather they're explicitly
5generated ahead of time so that we can log them.
6Index: buildroot/package/dropbear/S50dropbear
7===================================================================
8--- buildroot.orig/package/dropbear/S50dropbear 2014-09-01 11:20:56.000000000 +0000
9+++ buildroot/package/dropbear/S50dropbear 2014-09-16 19:29:54.320096000 +0000
10@@ -6,9 +6,17 @@
11 # Allow a few customizations from a config file
12 test -r /etc/default/dropbear && . /etc/default/dropbear
13
14+DROPBEAR_KEYTYPES="rsa dss ecc"
15 start() {
16 DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
17
18+ local ktype file
19+ for ktype in rsa dss ecdsa; do
20+ file="/etc/dropbear/dropbear_${ktype}_host_key"
21+ cirros-per instance dropbear-keygen-$ktype -- \
22+ dropbearkey -t "$ktype" -f "$file" >/dev/null 2>&1 ||
23+ echo "WARN: generating key of type $ktype failed!"
24+ done
25 echo -n "Starting dropbear sshd: "
26 umask 077
27 start-stop-daemon -S -q -p /var/run/dropbear.pid \
280
=== modified file 'patches-buildroot/series'
--- patches-buildroot/series 2015-05-08 16:34:40 +0000
+++ patches-buildroot/series 2016-04-14 14:21:38 +0000
@@ -1,2 +1,1 @@
1ifupdown-cirros.patch1ifupdown-cirros.patch
2dropbear-init-generate-keys.patch
32
=== added file 'src/etc/init.d/S50dropbear'
--- src/etc/init.d/S50dropbear 1970-01-01 00:00:00 +0000
+++ src/etc/init.d/S50dropbear 2016-04-14 14:21:38 +0000
@@ -0,0 +1,68 @@
1#!/bin/sh
2#
3# Starts dropbear sshd.
4#
5
6echo "Top of dropbear init script"
7
8# Allow a few customizations from a config file
9test -r /etc/default/dropbear && . /etc/default/dropbear
10
11start() {
12 DROPBEAR_ARGS="$DROPBEAR_ARGS -R"
13
14 echo -n "Starting dropbear sshd: "
15 umask 077
16 # Ensure host keys are changed when instance ID changes
17 cirros-per instance remove-dropbear-host-keys -- rm -rf /etc/dropbear
18
19 # Make sure dropbear directory exists
20 if [ ! -d /etc/dropbear ]; then
21 mkdir -p /etc/dropbear
22 fi
23
24 # Regenerate invalid or missing keys
25 local ktype file
26 for ktype in rsa dss ecdsa; do
27 file="/etc/dropbear/dropbear_${ktype}_host_key"
28 # -f = input file, -y = validate and print pubkey info
29 if ! dropbearkey -f "$file" -y &>/dev/null; then
30 if [ -e "$file" ]; then
31 echo "Removing invalid key: $file"
32 rm -f "$file"
33 fi
34 # -t = type (dss, rsa, ecdsa), -f = output file
35 dropbearkey -t "$ktype" -f "$file" >/dev/null 2>&1 ||
36 echo "WARN: generating key of type $ktype failed!"
37 fi
38 done
39 start-stop-daemon -S -q -p /var/run/dropbear.pid \
40 --exec /usr/sbin/dropbear -- $DROPBEAR_ARGS
41 [ $? = 0 ] && echo "OK" || echo "FAIL"
42}
43stop() {
44 echo -n "Stopping dropbear sshd: "
45 start-stop-daemon -K -q -p /var/run/dropbear.pid
46 [ $? = 0 ] && echo "OK" || echo "FAIL"
47}
48restart() {
49 stop
50 start
51}
52
53case "$1" in
54 start)
55 start
56 ;;
57 stop)
58 stop
59 ;;
60 restart|reload)
61 restart
62 ;;
63 *)
64 echo "Usage: $0 {start|stop|restart}"
65 exit 1
66esac
67
68exit $?
069
=== modified file 'src/etc/init.d/resizefs'
--- src/etc/init.d/resizefs 2015-05-28 19:47:25 +0000
+++ src/etc/init.d/resizefs 2016-04-14 14:21:38 +0000
@@ -1,7 +1,8 @@
1#!/bin/sh1#!/bin/sh
2# vi: ts=4 noexpandtab2# vi: ts=4 noexpandtab
33
4RESIZE_MODE="background"4echo "Top of resize init script"
5RESIZE_MODE="foreground"
5GROWROOT="enabled"6GROWROOT="enabled"
6if [ -f /etc/default/resizefs ]; then7if [ -f /etc/default/resizefs ]; then
7 . /etc/default/resizefs8 . /etc/default/resizefs
89
=== added symlink 'src/etc/rc3.d/S49-resizefs'
=== target is u'../init.d/resizefs'
=== removed symlink 'src/etc/rc3.d/S55-resizefs'
=== target was u'../init.d/resizefs'

Subscribers

People subscribed via source and target branches