2023-02-02 23:52:48 +01:00
|
|
|
config() {
|
|
|
|
NEW="$1"
|
|
|
|
OLD="`dirname $NEW`/`basename $NEW .new`"
|
|
|
|
# If there's no config file by that name, mv it over:
|
|
|
|
if [ ! -r $OLD ]; then
|
|
|
|
mv $NEW $OLD
|
|
|
|
elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
|
|
|
|
rm $NEW
|
|
|
|
fi
|
|
|
|
# Otherwise, we leave the .new copy for the admin to consider...
|
|
|
|
}
|
|
|
|
preserve_perms() {
|
|
|
|
NEW="$1"
|
|
|
|
OLD="$(dirname ${NEW})/$(basename ${NEW} .new)"
|
|
|
|
if [ -e ${OLD} ]; then
|
|
|
|
cp -a ${OLD} ${NEW}.incoming
|
|
|
|
cat ${NEW} > ${NEW}.incoming
|
|
|
|
touch -r ${NEW} ${NEW}.incoming
|
|
|
|
mv ${NEW}.incoming ${NEW}
|
|
|
|
fi
|
|
|
|
config ${NEW}
|
|
|
|
}
|
|
|
|
|
|
|
|
if [ -r etc/pam.d/sshd.new ]; then
|
|
|
|
config etc/pam.d/sshd.new
|
|
|
|
fi
|
|
|
|
config etc/default/sshd.new
|
|
|
|
config etc/ssh/ssh_config.new
|
|
|
|
config etc/ssh/sshd_config.new
|
|
|
|
preserve_perms etc/rc.d/rc.sshd.new
|
|
|
|
if [ -e etc/rc.d/rc.sshd.new ]; then
|
|
|
|
mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd
|
|
|
|
fi
|
|
|
|
|
|
|
|
# If the sshd user/group/shadow don't exist, add them:
|
|
|
|
|
|
|
|
if ! grep -q "^sshd:" etc/passwd ; then
|
|
|
|
echo "sshd:x:33:33:sshd:/:" >> etc/passwd
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! grep -q "^sshd:" etc/group ; then
|
|
|
|
echo "sshd::33:sshd" >> etc/group
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! grep -q "^sshd:" etc/shadow ; then
|
|
|
|
echo "sshd:*:9797:0:::::" >> etc/shadow
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Add a btmp file to store login failure if one doesn't exist:
|
|
|
|
if [ ! -r var/log/btmp ]; then
|
|
|
|
( cd var/log ; umask 077 ; touch btmp )
|
|
|
|
fi
|
|
|
|
|
2024-07-08 20:00:35 +02:00
|
|
|
# Restart sshd if it is safe to do so:
|
|
|
|
. etc/default/sshd
|
|
|
|
if [ ! "$SSHD_LISTENER_AUTO_RESTART_ON_UPGRADE" = "no" -a ! -x /usr/lib/setup/setup ]; then
|
|
|
|
chroot . /bin/bash -c "if sshd -t 1> /dev/null 2> /dev/null ; then if [ -x /etc/rc.d/rc.sshd ]; then sh /etc/rc.d/rc.sshd restart 1> /dev/null 2>/dev/null; fi; fi"
|
|
|
|
fi
|
|
|
|
unset SSHD_OPTS SSHD_LISTENER_AUTO_RESTART_ON_UPGRADE
|