[Buildroot] [PATCH v2 3/3] package/openssh: add sd socket-activated ssh daemon services

Jérémy ROSEN jeremy.rosen at smile.fr
Thu Jun 11 13:39:22 UTC 2020 

Urgh
Thx for pointing that out. That's why I don't like mail-based workflows...

Anyway, I won't block the patch on that particular point, though I'd like
it addressed if possible....


Cheers
Jeremy


Le jeu. 11 juin 2020 à 11:54, Norbert Lange <nolange79 at gmail.com> a écrit :

>
>
> Jérémy ROSEN <jeremy.rosen at smile.fr> schrieb am Do., 11. Juni 2020, 11:35:
>
>> Reviewed-By Jérémy Rosen <jeremy.rosen at smile.fr>
>>
>> (I think I didn't add my RB for that one..)
>>
>> Le jeu. 11 juin 2020 à 11:14, Norbert Lange <nolange79 at gmail.com> a
>> écrit :
>>
>>> Signed-off-by: Norbert Lange <nolange79 at gmail.com>
>>> ---
>>>  package/openssh/openssh.mk               |  6 +++---
>>>  package/openssh/sshd-host-keygen.service |  2 +-
>>>  package/openssh/sshd.socket              | 11 +++++++++++
>>>  package/openssh/sshd at .service            | 10 ++++++++++
>>>  4 files changed, 25 insertions(+), 4 deletions(-)
>>>  create mode 100644 package/openssh/sshd.socket
>>>  create mode 100644 package/openssh/sshd at .service
>>>
>>> diff --git a/package/openssh/openssh.mk b/package/openssh/openssh.mk
>>> index 1fcd957299..cbfe8f6f7d 100644
>>> --- a/package/openssh/openssh.mk
>>> +++ b/package/openssh/openssh.mk
>>> @@ -116,9 +116,9 @@ endef
>>>  OPENSSH_POST_INSTALL_TARGET_HOOKS += OPENSSH_INSTALL_SERVER_PROGRAMS
>>>
>>>  define OPENSSH_INSTALL_INIT_SYSTEMD
>>> -       mkdir $(TARGET_DIR)/usr/lib/systemd/system
>>> -       $(INSTALL) -m 644 package/openssh/sshd*.service \
>>> -               $(TARGET_DIR)/usr/lib/systemd/system/
>>> +       mkdir -p $(TARGET_DIR)/usr/lib/systemd/system
>>> +       $(INSTALL) -m 644 package/openssh/sshd*.service
>>> package/openssh/sshd.socket \
>>> +               $(TARGET_DIR)/usr/lib/systemd/system/.
>>>         $(OPENSSH_INSTALL_SYSTEMD_SYSUSERS)
>>>  endef
>>>
>>> diff --git a/package/openssh/sshd-host-keygen.service
>>> b/package/openssh/sshd-host-keygen.service
>>> index 2db1be16c4..0e071c9d8c 100644
>>> --- a/package/openssh/sshd-host-keygen.service
>>> +++ b/package/openssh/sshd-host-keygen.service
>>> @@ -20,4 +20,4 @@ Type=oneshot
>>>  RemainAfterExit=yes
>>>
>>>  [Install]
>>> -WantedBy=sshd.service
>>> +WantedBy=sshd.service sshd.socket
>>> diff --git a/package/openssh/sshd.socket b/package/openssh/sshd.socket
>>> new file mode 100644
>>> index 0000000000..bbae9ed7aa
>>> --- /dev/null
>>> +++ b/package/openssh/sshd.socket
>>> @@ -0,0 +1,11 @@
>>> +[Unit]
>>> +Description=OpenBSD Secure Shell server socket
>>> +Before=sshd.service
>>> +Conflicts=sshd.service
>>> +
>>> +[Socket]
>>> +ListenStream=22
>>> +Accept=yes
>>> +
>>> +[Install]
>>> +WantedBy=sockets.target
>>> diff --git a/package/openssh/sshd at .service b/package/openssh/sshd@
>>> .service
>>> new file mode 100644
>>> index 0000000000..b3a590d9a3
>>> --- /dev/null
>>> +++ b/package/openssh/sshd at .service
>>> @@ -0,0 +1,10 @@
>>> +[Unit]
>>> +Description=OpenBSD Secure Shell server per-connection daemon
>>> +Documentation=man:sshd(8) man:sshd_config(5)
>>> +After=auditd.service
>>> +
>>> +[Service]
>>> +ExecStart=-/usr/sbin/sshd -i
>>> +StandardInput=socket
>>> +RuntimeDirectory=sshd
>>> +RuntimeDirectoryMode=0755
>>> --
>>> 2.26.2
>>>
>>>
>>
>> --
>> [image: SMILE]  <http://www.smile.eu/>
>>
>> 20 rue des Jardins
>> 92600 Asnières-sur-Seine
>> *Jérémy ROSEN*
>> Architecte technique
>>
>> [image: email] jeremy.rosen at smile.fr
>> [image: phone]  +33 6 88 25 87 42
>> [image: url] http://www.smile.eu
>>
>> [image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
>> <https://www.facebook.com/smileopensource> [image: LinkedIn]
>> <https://www.linkedin.com/company/smile> [image: Github]
>> <https://github.com/Smile-SA>
>>
>> [image: Découvrez l’univers Smile, rendez-vous sur smile.eu]
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>
> No, but I thought that was intentional, as this patch doesn't have an
> option to chose between singular sever and the socket activation mode.
>
> Norbert
>
>>
>> <https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
>>
>

-- 
[image: SMILE]  <http://www.smile.eu/>

20 rue des Jardins
92600 Asnières-sur-Seine
*Jérémy ROSEN*
Architecte technique

[image: email] jeremy.rosen at smile.fr
[image: phone]  +33 6 88 25 87 42
[image: url] http://www.smile.eu

[image: Twitter] <https://twitter.com/GroupeSmile> [image: Facebook]
<https://www.facebook.com/smileopensource> [image: LinkedIn]
<https://www.linkedin.com/company/smile> [image: Github]
<https://github.com/Smile-SA>

[image: Découvrez l’univers Smile, rendez-vous sur smile.eu]
<https://www.smile.eu/fr/publications/livres-blancs/yocto?utm_source=signature&utm_medium=email&utm_campaign=signature>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200611/0874979c/attachment-0002.html>

More information about the buildroot mailing list