From a7813d33924a3e557c6347d81f005c5002dcb269 Mon Sep 17 00:00:00 2001
From: Steve Muir
Date: Mon, 1 Dec 2003 14:51:56 +0000
Subject: [PATCH] This commit was generated by cvs2svn to compensate for changes in r5, which included commits to RCS files with non-trunk default branches.
---
auto.pl_sshd | 24 ++++++++++
pl_sshd | 133 +++++++++++++++++++++++++++++++++++++++++++++++++++
pl_sshd.sh | 3 ++
pl_sshd.spec | 87 +++++++++++++++++++++++++++++++++
4 files changed, 247 insertions(+)
create mode 100755 auto.pl_sshd
create mode 100644 pl_sshd
create mode 100755 pl_sshd.sh
create mode 100644 pl_sshd.spec
diff --git a/auto.pl_sshd b/auto.pl_sshd
new file mode 100755
index 0000000..71585ee
--- /dev/null
+++ b/auto.pl_sshd
@@ -0,0 +1,24 @@
+#!/bin/bash
+#
+# script to translate keys (user names) into automount rules.
+#
+
+[ "$#" = "1" ] || { echo bad args; exit 1; }
+
+KEYFILE=.ssh/authorized_keys
+eval "HOMEDIR=~$1" # the way that ~ substitution works
+
+#
+# if this user has a file .ssh/authorized_keys within their real homedir
+# then return that, otherwise use the corresponding file from the vserver.
+#
+if [ -r "$HOMEDIR/$KEYFILE" ]; then
+ OUT=$HOMEDIR/.ssh
+elif [ -r "/vservers/$1/home/$1/$KEYFILE" ]; then
+ OUT=/vservers/$1/home/$1/.ssh
+else
+ echo $1 not found in /vservers or /home >/tmp/auto.pl_sshd.log
+ exit 1
+fi
+
+echo --bind,-r :$OUT
diff --git a/pl_sshd b/pl_sshd
new file mode 100644
index 0000000..8fb92e1
--- /dev/null
+++ b/pl_sshd
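Review bot: In auto.pl_sshd the map key `$1` reaches `eval "HOMEDIR=~$1"` without any validation, and the script runs as an automount program map, so shell metacharacters in a looked-up name would be evaluated, presumably with root privileges. Whether the automounter or sshd filters the name first is not visible here, so the script should restrict it itself before the eval, e.g. `case "$1" in ''|[.-]*|*[!A-Za-z0-9_.-]*) exit 1;; esac`, which also keeps `..` out of the `/vservers/$1/home/$1` path. The failure branch writes to the fixed path `/tmp/auto.pl_sshd.log` with `>`, which follows a symlink placed there by any local user; `logger -t auto.pl_sshd "$1 not found in /vservers or /home"` avoids the shared directory. `$OUT` in the final `echo --bind,-r :$OUT` should be quoted as well.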
@@ -0,0 +1,133 @@
+#!/bin/bash
+#
+# Init file for PlanetLab OpenSSH server daemon (copied from standard
+# sshd init file, minor modifications made).
+#
+# chkconfig: 2345 55 25
+# description: PlanetLab OpenSSH server daemon
+#
+# processname: sshd
+# config: /etc/ssh/ssh_host_key
+# config: /etc/ssh/ssh_host_key.pub
+# config: /etc/ssh/ssh_random_seed
+# config: /etc/ssh/sshd_config
+# pidfile: /var/run/pl_sshd.pid
+
+# source function library
+. /etc/rc.d/init.d/functions
+#
+# pull in sysconfig settings
+[ -f /etc/sysconfig/pl_sshd ] && . /etc/sysconfig/pl_sshd
+
+# add the PlanetLab-specific options
+KEYDIR=/var/pl_sshd/keys
+OPTIONS="-p 806 -o 'AuthorizedKeysFile $KEYDIR/%u/authorized_keys'"
+AUTOMOUNT=/usr/sbin/automount
+AUTOMAP=/etc/auto.pl_sshd
+AUTOPID=
+
+RETVAL=0
+prog="pl_sshd"
+
+# Some functions to make the below more readable
+SSHD=/usr/sbin/sshd
+RSA1_KEY=/var/local/etc/ssh_host_key
+RSA_KEY=/var/local/etc/ssh_host_rsa_key
+DSA_KEY=/var/local/etc/ssh_host_dsa_key
+PID_FILE=/var/run/pl_sshd.pid
+
+do_restart_sanity_check()
+{
+ $SSHD -t
+ RETVAL=$?
+ if [ ! "$RETVAL" = 0 ]; then
+ failure $"Configuration file or keys are invalid"
+ echo
+ fi
+}
+
+check_automount()
+{
+ # get pid for our automount process
+ AUTOPID=`mount | \
+ sed -ne "s%^automount(pid\([0-9]*\)) on $KEYDIR type autofs.*%\1%p"`
+
+ # check if that process is still alive
+ { [ -n "$AUTOPID" ] && ps -p $AUTOPID >/dev/null 2>&1; } || return 1
+
+ # check if we can actually mount a user dir in the automount dir
+ [ -d "$KEYDIR/root" ] || return 1
+}
+
+start()
+{
+ # make sure the key dir exists and automount is working on it
+ [ -d "$KEYDIR" ] || mkdir -p $KEYDIR
+ [ -x "$AUTOMAP" ] ||
+ { echo "$AUTOMAP not executable"; return 1; }
+ check_automount || $AUTOMOUNT $KEYDIR program $AUTOMAP
+
+ echo -n $"Starting $prog:"
+ initlog -c "$SSHD $OPTIONS" && success || failure
+ RETVAL=$?
+ [ "$RETVAL" = 0 ] && touch /var/lock/subsys/pl_sshd
+ echo
+}
+
+stop()
+{
+ check_automount && kill -USR2 $AUTOPID
+
+ #echo -n $"Stopping $prog:"
+ #killproc $SSHD -TERM
+ echo 'you need to kill the port 806 sshd(s) manually'
+ echo 'make sure not to kill the port 22 sshd...'
+ RETVAL=$?
+ [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/pl_sshd
+ #echo
+}
+
+reload()
+{
+ echo -n $"Reloading $prog:"
+ killproc $SSHD -HUP
+ RETVAL=$?
+ echo
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ restart)
+ stop
+ start
+ ;;
+ reload)
+ reload
+ ;;
+ condrestart)
+ if [ -f /var/lock/subsys/pl_sshd ] ; then
+ do_restart_sanity_check
+ if [ "$RETVAL" = 0 ] ; then
+ stop
+ # avoid race
+ sleep 3
+ start
+ fi
+ fi
+ ;;
+ status)
+ check_automount && echo automount running ||
+ echo automount not functioning
+ status pl_sshd
+ RETVAL=$?
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
+ RETVAL=1
+esac
+exit $RETVAL
diff --git a/pl_sshd.sh b/pl_sshd.sh
new file mode 100755
index 0000000..4fa07c4
--- /dev/null
+++ b/pl_sshd.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec -a pl_sshd /usr/sbin/sshd "$@"
diff --git a/pl_sshd.spec b/pl_sshd.spec
new file mode 100644
index 0000000..2ffe6fc
--- /dev/null
+++ b/pl_sshd.spec
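Review bot: In pl_sshd, `reload()` runs `killproc $SSHD -HUP` with `SSHD=/usr/sbin/sshd`, so it signals every sshd on the host, including the port 22 daemon that `stop()` itself warns about. `PID_FILE` is defined but never used and `OPTIONS` gives this daemon no pid file of its own, so the script cannot address only the port 806 instance; adding `-o 'PidFile /var/run/pl_sshd.pid'` to `OPTIONS` and signalling `$(cat "$PID_FILE")` in `reload()` and `stop()` would cover both. As written, `stop()` takes `RETVAL` from an `echo`, signals the automounter and removes the subsys lock while the daemon keeps listening, so `restart` and `condrestart` launch a second sshd against a port that is still bound. `do_restart_sanity_check` also runs `$SSHD -t` without `$OPTIONS`, so it does not check the configuration that `start()` actually uses.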
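Review bot: In pl_sshd.sh, `exec -a` is a bash extension, so under `#!/bin/sh` the wrapper only works where /bin/sh is bash; `#!/bin/bash` would match the other scripts in this patch. The init script added alongside it starts `/usr/sbin/sshd` directly, so in the visible code nothing invokes the wrapper and the `pl_sshd` process name that `status pl_sshd` looks for is never set. If the wrapper is meant to be used, note that sshd restarts on SIGHUP by re-executing its saved argv[0], so a non-absolute name such as `pl_sshd` would likely make `reload` fail; that should be tested before relying on it.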
@@ -0,0 +1,87 @@
+Summary: SSH server config for PlanetLab
+Name: pl_sshd
+Version: 0.1
+Release: 1
+Requires: automount, sshd
+Copyright: GPL
+URL: http://www.planet-lab.org
+Group: System Environment/Base
+Source: %{_fullname}.tar.gz
+
+%description
+SSH server configuration for PlanetLab nodes. Configures an automounted
+directory as source for authorized_keys files and points sshd to that
+directory.
+
+%prep
+%setup
+
+%build
+
+
+%install
+install -m 0755 -o root -g root pl_sshd.sh $RPM_BUILD_ROOT/usr/local/sbin
+install -m 0755 -o root -g root pl_sshd $RPM_BUILD_ROOT/etc/init.d
+install -m 0755 -o root -g root auto.pl_sshd $RPM_BUILD_ROOT/etc
+echo "OPTIONS='-p 806'" >$RPM_BUILD_ROOT/etc/sysconfig/sshd
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root)
+%attr(0755,root,root) /usr/local/sbin/pl_sshd.sh
+%attr(0755,root,root) /etc/init.d/pl_sshd
+%attr(0755,root,root) /etc/auto.pl_sshd
+
+%pre
+
+
+%post
+RUNLEVEL=`/sbin/runlevel`
+
+if [ "$1" -ge 1 ]; then
+ chkconfig --add pl_sshd
+
+ if [[ "$RUNLEVEL" != "unknown" ]]; then
+ /etc/init.d/pl_sshd restart
+ fi
+fi
+
+%preun
+if [ "$1" = 0 ]; then
+ chkconfig --del pl_sshd
+fi
+
+
+%postun
+
+
+%changelog
+* Tue Nov 25 2003 Steve Muir
+- fixed a couple of Node Manager bugs:
+ - bootstrapping pl_conf state when boot server unreachable
+ - canonical hostnames should be all lower-case
+- fixup UID and GID of users within vservers to match real world
+- enable access to dynamic slices through port 806 sshd
+
+* Sun Oct 26 2003 Aaron Klingaman
+- readded start/stop only when runlevel is known, for install purposes
+
+* Thu Oct 16 2003 Jeff Sedayao
+- Fixed bug in pl_conf - it was getting negative wait times. Also added
+ duke4 as a trusted user.
+
+* Tue Oct 8 2003 Jeff Sedayao
+- Removed special fetch login from init function, updated release
+
+* Tue Oct 7 2003 Jeff Sedayao
+- Moved special fetch login into main loop, fix account deletion
+ problem
+
+* Tue Oct 7 2003 Aaron Klingaman
+- Commented out code to start pl_* upon install
+
+* Wed Aug 26 2003 Tammo Spalink
+- Initial build.
+
-- 2.43.0
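Review bot: The `%install` line `echo "OPTIONS='-p 806'" >$RPM_BUILD_ROOT/etc/sysconfig/sshd` targets the sysconfig file that the stock sshd init script normally reads, not `/etc/sysconfig/pl_sshd`, which is the file the new init script sources; it looks like a typo, and if that file were ever packaged it would move the system sshd to port 806. The file is not listed in `%files` and the init script overwrites `OPTIONS` after sourcing sysconfig, so the line currently has no effect and should be dropped or pointed at `pl_sshd`. `%install` never creates its target directories, and `%clean` runs `rm -rf $RPM_BUILD_ROOT` unquoted and unguarded; `[ -n "$RPM_BUILD_ROOT" ] && [ "$RPM_BUILD_ROOT" != / ] && rm -rf "$RPM_BUILD_ROOT"` is the safer form. `%post` calls `/etc/init.d/pl_sshd restart`, whose `stop` in this patch does not terminate the running port 806 daemon, so an upgrade leaves the old sshd in place.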