From c6e7bee7f2b0362fa68964702cc5f6e4b3645177 Mon Sep 17 00:00:00 2001 From: David Guglielmi Date: Sat, 16 May 2020 12:50:50 +0200 Subject: [PATCH] sys-kernel/dracut-crypt-ssh: removed from overlay --- sys-kernel/dracut-crypt-ssh/Manifest | 5 -- .../dracut-crypt-ssh-1.0.7.ebuild | 25 ---------- ...ing-is-interpreted-as-base10-integer.patch | 25 ---------- ...1.0.7-correctly-link-with--as-needed.patch | 24 --------- sys-kernel/dracut-crypt-ssh/metadata.xml | 19 ------- sys-kernel/dracut-openssh/Manifest | 6 +-- .../dracut-openssh/dracut-openssh-0.1.ebuild | 4 +- .../dracut-openssh/files/dracut-openssh.conf | 17 ++++--- .../dracut-openssh/files/module-setup.sh | 50 +++++++++++++------ 9 files changed, 51 insertions(+), 124 deletions(-) delete mode 100644 sys-kernel/dracut-crypt-ssh/Manifest delete mode 100644 sys-kernel/dracut-crypt-ssh/dracut-crypt-ssh-1.0.7.ebuild delete mode 100644 sys-kernel/dracut-crypt-ssh/files/dracut-crypt-ssh-1.0.7-configure-make-sure-string-is-interpreted-as-base10-integer.patch delete mode 100644 sys-kernel/dracut-crypt-ssh/files/dracut-crypt-ssh-1.0.7-correctly-link-with--as-needed.patch delete mode 100644 sys-kernel/dracut-crypt-ssh/metadata.xml diff --git a/sys-kernel/dracut-crypt-ssh/Manifest b/sys-kernel/dracut-crypt-ssh/Manifest deleted file mode 100644 index f3bb2f4..0000000 --- a/sys-kernel/dracut-crypt-ssh/Manifest +++ /dev/null @@ -1,5 +0,0 @@ -AUX dracut-crypt-ssh-1.0.7-configure-make-sure-string-is-interpreted-as-base10-integer.patch 703 BLAKE2B 3125695e769f44e832d77b65a2ed4f990adda4b0fc3def9f4513cf6e3714245e900f5bd8be8fff062c9759d5a5df468849dfbf441a3c40ecae8e3f88d6b07245 SHA512 f4da437862eb3a01ca5a2875cb60632a33510efe314ad44a0d4ae568bfada168963e6effc8fab66c6c78b271fa50436ed2983904aeb792fd54f4a395f9dd5b5d -AUX dracut-crypt-ssh-1.0.7-correctly-link-with--as-needed.patch 913 BLAKE2B 82c441c467ca39ecb041d20ff8a2cafb23557159d8cf6d5916d897ae76d80bf0f8ad51f580007d9410f01dc5f0406ce44b25136c37f79746a9c603e256f5f58a SHA512 1483c4d6b9c95348b25a16663729fe760045117cd13842d7ab667eea57e87f19aa4ef919fa3e7073ba16206dcf455432f4f8a455e257e6262029d239d9aa6cef -DIST dracut-crypt-ssh-1.0.7.tar.gz 19561 BLAKE2B b778d03d792c5ebe0466de7474a6cc821445fe0cd3b216f395d3ea28a17cb4ed3aa6da4b7d6dee86e4481e2ac98d677e3410cd6581c4d8c01ab0ec9564504bf3 SHA512 2958a59c3ff615e89b7631224e248e7e931dd91c566e792b10dffe09b8bd2dfcf2c55eef4e974988f19320e0d732d3dfb14b61713445e1ff3a4a9868dfc4e966 -EBUILD dracut-crypt-ssh-1.0.7.ebuild 638 BLAKE2B f1e0be8cba5b8d079fd3e757a083e960131fddb37ba1e8af118f2a9283357af1000d5f56b57e310ed76afe28a5e209c919de01a1ed3b29d21de0afa3de15b16c SHA512 fe6fc795aeafdc2a043751cf7a3043f6ed42ef9def295704fb09d8b561216852476c42e8c3d76d96c70453b392740bb8f1fd67c3284c252718edbb15b1c6260b -MISC metadata.xml 675 BLAKE2B 0fc879807e833b5bb27f3cfd73968052443c446650f6c80ca993b4fa97cdaa008d6f929b465824614408fb16182ae88b14efc3dd3f460bbf426591a9c0964402 SHA512 e47736d58078e6c77592f71245882ed7541e8db6972677cb4a9ebcfc66bb9eea5d15887929af0224eadde9aadb5d47955ea86a9a278df5f1ade6d7fff220bfc3 diff --git a/sys-kernel/dracut-crypt-ssh/dracut-crypt-ssh-1.0.7.ebuild b/sys-kernel/dracut-crypt-ssh/dracut-crypt-ssh-1.0.7.ebuild deleted file mode 100644 index ee624c9..0000000 --- a/sys-kernel/dracut-crypt-ssh/dracut-crypt-ssh-1.0.7.ebuild +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2020 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -DESCRIPTION="early unlocking of encrypted systems via ssh for dracut" -HOMEPAGE="https://github.com/dracut-crypt-ssh/dracut-crypt-ssh" -SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="" - -PATCHES=( - "${FILESDIR}"/${P}-configure-make-sure-string-is-interpreted-as-base10-integer.patch - "${FILESDIR}"/${P}-correctly-link-with--as-needed.patch -) - -DEPEND="sys-kernel/dracut" -RDEPEND="${DEPEND} - net-misc/dhcp - net-misc/dropbear" - -DOCS=("README.md") diff --git a/sys-kernel/dracut-crypt-ssh/files/dracut-crypt-ssh-1.0.7-configure-make-sure-string-is-interpreted-as-base10-integer.patch b/sys-kernel/dracut-crypt-ssh/files/dracut-crypt-ssh-1.0.7-configure-make-sure-string-is-interpreted-as-base10-integer.patch deleted file mode 100644 index ba5c1f0..0000000 --- a/sys-kernel/dracut-crypt-ssh/files/dracut-crypt-ssh-1.0.7-configure-make-sure-string-is-interpreted-as-base10-integer.patch +++ /dev/null @@ -1,25 +0,0 @@ -From cc349b6df4eb85e27c0bc5dc2621f0cb4281f0cf Mon Sep 17 00:00:00 2001 -From: Jan Delgado -Date: Sun, 27 Oct 2019 21:03:58 +0100 -Subject: [PATCH] make sure string is interpreted as base10 integer - -Current implementation leads to error when e.g. -DRACUT_VERSION == 049, since 049 will be interpreted as -an (invalid) octal value in bash. ---- - configure | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure b/configure -index 1c283a1..3fc48df 100755 ---- a/configure -+++ b/configure -@@ -114,7 +114,7 @@ else - fi - - OLDDRACUT=0 --[[ $DRACUT_VERSION -le 4 ]] && OLDDRACUT=1 -+[[ 10#$DRACUT_VERSION -le 4 ]] && OLDDRACUT=1 - - cat >config.mk < -Date: Thu, 26 Mar 2020 16:48:56 +0100 -Subject: [PATCH] Correctly link with --as-needed - -Linker needs to analzye the objects first before considering libraries. -as-needed is commonly used on distros. ---- - modules/60crypt-ssh/helper/Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/modules/60crypt-ssh/helper/Makefile b/modules/60crypt-ssh/helper/Makefile -index 7abc5f3..9aa5003 100644 ---- a/modules/60crypt-ssh/helper/Makefile -+++ b/modules/60crypt-ssh/helper/Makefile -@@ -20,7 +20,7 @@ console_auth: auth.c - $(CC) $(CFLAGS) $^ -o $@ - - unlock: crypttab.o unlock.o -- $(CC) $(CFLAGS) -lblkid $^ -o $@ -+ $(CC) $(CFLAGS) $^ -lblkid -o $@ - - crypttab-test: crypttab-test.c crypttab.o crypttab-test-data - $(CC) crypttab-test.c $(CFLAGS) crypttab.o -lblkid -o crypttab-test diff --git a/sys-kernel/dracut-crypt-ssh/metadata.xml b/sys-kernel/dracut-crypt-ssh/metadata.xml deleted file mode 100644 index d012194..0000000 --- a/sys-kernel/dracut-crypt-ssh/metadata.xml +++ /dev/null @@ -1,19 +0,0 @@ - - - - - david.guglielmi@gmail.com - David GUGLIELMI - - - gentoo@asgar.de - Christian Baumhof - - - proxy-maint@gentoo.org - Proxy Maintainers - - -crypt-ssh is a dracut module which allows remote unlocking of block devices encrypted with LUKS via ssh, during the initramfs stage of the boot. - - diff --git a/sys-kernel/dracut-openssh/Manifest b/sys-kernel/dracut-openssh/Manifest index a97728f..8007bf5 100644 --- a/sys-kernel/dracut-openssh/Manifest +++ b/sys-kernel/dracut-openssh/Manifest @@ -1,5 +1,5 @@ -AUX dracut-openssh.conf 285 BLAKE2B f318158898f6eb4286ec2cabe26d5552e2bff0771f3704ed17dff3002e02c4587900b647b1502880d8ce0175d2872ac63882cd62db3179905e08b56f413c23fe SHA512 0b745583b97236fa7fe9b5498fae45f93ed3ee4355b43ea4cd0aeeaa1a4033e4f50db820df9ee5f887b18ff2dab9e3617c2fde9189b17129ddf929cdcf638ec8 -AUX module-setup.sh 1693 BLAKE2B 40e8541f3d80f29e79238ebf4e170051e312f3fd3f6621005c522778401aac6b13e2de28b8a189fa7ab8ca21bf99d0ddadea8d1ac01fdd27d431ab0bf93c6529 SHA512 b4cc6eb049215aed6437bb1f34b1ae6763fe234ae9647c284ba134807fed50d5b04683fba28163fcde5f250b9898c1282c74c4e06d6442df5f6e75c89b093c95 +AUX dracut-openssh.conf 422 BLAKE2B b77262e65569eed32c3b1feaac412b36ba906218deb4d9697412e7744d2c7d32d71dbd06c363d73d1b7017030af4fbdad8cb4926c90f69f4200448f088f88dbb SHA512 2e74d1c73675457f607d04965df8f40722485b63f7d6ca7586dcfa56cbbf3349668eda05b5ede3d2beaaaf84d8cd236f2326f1ce25a76f1b33ddcad92221a080 +AUX module-setup.sh 2180 BLAKE2B d0e3b2902f62a582c098d5abbd968fd53609c181a56191f16f9b2dcf4ade0a58e39731d63558c0a6eb09cb1963ccd9afd0b127a94b87033bb4e234628605d728 SHA512 e2203ab0b0f8b1cdc20dfdd20983135022c404e47586f9b6180a6a93ddb6662c9f38661b2104e00d740cb50e0a3f445b2f509dfb82708411f58d844865616c1c AUX sshd.service 312 BLAKE2B e4be767736d45d3ccbe3a6848d32ee6f9523f5e0641cf973da4501b5dcc7a41b9c127f208bb5125cef8683393d25729856652d94e7d5d8154b11a69300a4f860 SHA512 a4aaee86716a51c904ee95a08dae22c79a1153bfc8e1cb1cd15806a133200e3a7aacee9aa4abf0a749544ea898346b79454d6da30cef0ab42253bfbe9b83d866 AUX sshd_config 445 BLAKE2B bbefbd4aa04f8edf79e8f09de8479891c85265f211d72511207aefd8551184f3fee4c4a4c964e98cad0398da63b609da68d105dc722e8f648d9e6228fcadd512 SHA512 34aa60a1a605b3e40394011c12e819de2c6d19fab3f710346f8d70d9dc0570cb872054bd328aa7d66b5a0f03bc7250382913786f4295b8477e2b8f0a7de3536d -EBUILD dracut-openssh-0.1.ebuild 704 BLAKE2B d7ca3557e9b91b8c76c03597051894d656e12e78e157ea74114b53cc719504b2ae8a2e7d6616d6c07d3838791d1e79653e3bb11caebe54119fcf0382ff8b3679 SHA512 3f6969d51afaf808cdbf01f84482c2d81ab22d88a0c6047be9396418ec5ea8e643cdcb5f4390f0b6610feab270c68d40b00c0b2d58b49e84b561c4975d606718 +EBUILD dracut-openssh-0.1.ebuild 752 BLAKE2B 250ca3c44401406bbfb83434a3c0c6557fa9cf60efcac445c9ee2cfe946f5b95f8e70250eed6d0179a893947bbea709d197ae04c38faa9aef03ef6013f2bb587 SHA512 7db52074f03f73624dee88c76a8339f28d56c1b910520328d9fe84ef065a8f97f35d8ee6e6635ad411023ee5f7be2e29c1c7f0fcb53bb54e1137ebb7cbef4127 diff --git a/sys-kernel/dracut-openssh/dracut-openssh-0.1.ebuild b/sys-kernel/dracut-openssh/dracut-openssh-0.1.ebuild index 483dc60..9e9ff3b 100644 --- a/sys-kernel/dracut-openssh/dracut-openssh-0.1.ebuild +++ b/sys-kernel/dracut-openssh/dracut-openssh-0.1.ebuild @@ -11,7 +11,9 @@ LICENSE="GPL-3+" SLOT="0" KEYWORDS="~amd64 ~x86" -DEPEND="net-misc/dhcp +IUSE="systemd-networkd" + +DEPEND="!systemd-networkd? ( net-misc/dhcp ) net-misc/openssh sys-apps/systemd sys-kernel/dracut" diff --git a/sys-kernel/dracut-openssh/files/dracut-openssh.conf b/sys-kernel/dracut-openssh/files/dracut-openssh.conf index 8f9b2df..5b79a75 100644 --- a/sys-kernel/dracut-openssh/files/dracut-openssh.conf +++ b/sys-kernel/dracut-openssh/files/dracut-openssh.conf @@ -1,10 +1,15 @@ # Dracut OpenSSH configuration # -#SSHD_OPTS="-e -p 22" +#sshd_opts="-e -p 22" # -#AUTHORIZED_KEYS="/root/.ssh/authorized_keys" +#authorized_keys="/root/.ssh/authorized_keys" # -#DSA_HOST_KEY="/etc/ssh/ssh_host_dsa_key" -#ECDSA_HOST_KEY="/etc/ssh/ssh_host_ecdsa_key" -#ED25519_HOST_KEY="/etc/ssh/ssh_host_ed25519_key" -#RSA_HOST_KEY="/etc/ssh/ssh_host_rsa_key" +#dsa_host_key="/etc/ssh/ssh_host_dsa_key" +#ecdsa_host_key="/etc/ssh/ssh_host_ecdsa_key" +#ed25519_host_key="/etc/ssh/ssh_host_ed25519_key" +#rsa_host_key="/etc/ssh/ssh_host_rsa_key" +# +# network_provider can be network systemd-networkd or auto +#network_provider="auto" +# +#systemd_networkd_files="/etc/systemd/network/*" diff --git a/sys-kernel/dracut-openssh/files/module-setup.sh b/sys-kernel/dracut-openssh/files/module-setup.sh index e8db21e..8c46411 100644 --- a/sys-kernel/dracut-openssh/files/module-setup.sh +++ b/sys-kernel/dracut-openssh/files/module-setup.sh @@ -9,25 +9,36 @@ check() { } depends() { - echo network + [ -z ${network_provider} ] && network_provider="auto" + + if [ "${network_provider}" = "auto" ]; then + if systemctl -q is-active systemd-networkd; then + network_provider="systemd-networkd" + else + network_provider="network" + fi + fi + + echo ${network_provider} return 0 } install() { - [ -z ${AUTHORIZED_KEYS} ] && AUTHORIZED_KEYS="/root/.ssh/authorized_keys" - [ -z ${SSHD_OPTS} ] && SSHD_OPTS="-e -p 22" - [ -z ${DSA_HOST_KEY} ] && DSA_HOST_KEY="/etc/ssh/ssh_host_dsa_key" - [ -z ${ECDSA_HOST_KEY} ] && ECDSA_HOST_KEY="/etc/ssh/ssh_host_ecdsa_key" - [ -z ${ED25519_HOST_KEY} ] && ED25519_HOST_KEY="/etc/ssh/ssh_host_ed25519_key" - [ -z ${RSA_HOST_KEY} ] && RSA_HOST_KEY="/etc/ssh/ssh_host_rsa_key" + [ -z ${authorized_keys} ] && authorized_keys="/root/.ssh/authorized_keys" + [ -z ${sshd_opts} ] && sshd_opts="-e -p 22" + [ -z ${dsa_host_key} ] && dsa_host_key="/etc/ssh/ssh_host_dsa_key" + [ -z ${ecdsa_host_key} ] && ecdsa_host_key="/etc/ssh/ssh_host_ecdsa_key" + [ -z ${ed25519_host_key} ] && ed25519_host_key="/etc/ssh/ssh_host_ed25519_key" + [ -z ${rsa_host_key} ] && rsa_host_key="/etc/ssh/ssh_host_rsa_key" + [ -z ${systemd_networkd_files} ] && systemd_networkd_files="/etc/systemd/network/*" local keytype keyfile for keytype in dsa ecdsa ed25519 rsa; do case ${keytype} in - dsa) keyfile=${DSA_HOST_KEY} ;; - ecdsa) keyfile=${ECDSA_HOST_KEY} ;; - ed25519) keyfile=${ED25519_HOST_KEY} ;; - rsa) keyfile=${RSA_HOST_KEY} ;; + dsa) keyfile=${dsa_host_key} ;; + ecdsa) keyfile=${ecdsa_host_key} ;; + ed25519) keyfile=${ed25519_host_key} ;; + rsa) keyfile=${rsa_host_key} ;; esac [ -f ${keyfile} ] && inst_simple "${keyfile}" /etc/ssh/ssh_host_${keytype}_key @@ -38,15 +49,15 @@ install() { inst_simple "${moddir}/sshd.service" ${systemdsystemunitdir}/sshd.service mkdir -p "${initdir}/etc/sysconfig" - echo "SSHD_OPTS=\"${SSHD_OPTS}\"" > "${initdir}/etc/sysconfig/sshd" + echo "SSHD_OPTS=\"${sshd_opts}\"" > "${initdir}/etc/sysconfig/sshd" - if [ -f ${AUTHORIZED_KEYS} ]; then - inst_simple ${AUTHORIZED_KEYS} /root/.ssh/authorized_keys - else - dfatal "No authorized_keys for root user found!" + if [ ! -r "${authorized_keys}" ]; then + dfatal "No authorized_keys found!" return 1 fi + inst_simple ${authorized_keys} /root/.ssh/authorized_keys + getent passwd sshd >> "${initdir}/etc/passwd" getent group sshd >> "${initdir}/etc/group" @@ -57,5 +68,12 @@ install() { mkdir -p -m 0755 "${initdir}/var/log" touch "${initdir}/var/log/lastlog" + local nf + if [ "${network_provider}" = "systemd-networkd" ]; then + for nf in ${systemd_networkd_files}; do + inst_simple "${nf}" + done + fi + return 0 }