diff options
Diffstat (limited to 'data')
-rwxr-xr-x | data/live-build-config/hooks/04-locale.chroot | 1 | ||||
-rwxr-xr-x | data/live-build-config/hooks/09-live.chroot | 5 | ||||
-rwxr-xr-x | data/live-build-config/hooks/18-enable-disable_services.chroot (renamed from data/live-build-config/hooks/18-disable_services.chroot) | 3 | ||||
-rw-r--r-- | data/live-build-config/includes.chroot/etc/systemd/system/sshd.service | 16 | ||||
-rw-r--r-- | data/live-build-config/includes.chroot/lib/systemd/system/ssh-session-cleanup.service | 13 | ||||
-rwxr-xr-x | data/live-build-config/includes.chroot/usr/lib/openssh/ssh-session-cleanup | 11 |
6 files changed, 32 insertions, 17 deletions
diff --git a/data/live-build-config/hooks/04-locale.chroot b/data/live-build-config/hooks/04-locale.chroot index 1c02db02..89a5f954 100755 --- a/data/live-build-config/hooks/04-locale.chroot +++ b/data/live-build-config/hooks/04-locale.chroot @@ -6,3 +6,4 @@ LANG=en_US.UTF-8 LC_ALL=C EOF +sed -i 's/AcceptEnv LANG LC_\*/# AcceptEnv LANG LC_\*/g' /etc/ssh/sshd_config diff --git a/data/live-build-config/hooks/09-live.chroot b/data/live-build-config/hooks/09-live.chroot index e2f95ff3..f19f0ae6 100755 --- a/data/live-build-config/hooks/09-live.chroot +++ b/data/live-build-config/hooks/09-live.chroot @@ -1,6 +1,11 @@ #!/bin/sh # hack live script that tries to mount ext[23] floppies as root +# remove user settings live config scripts sed -e '/ln -s "${devname}"/,/return 0/ s/^/: FIXME/' \ -i /usr/share/initramfs-tools/scripts/live + +rm -rf /lib/live/config/0030-live-debconfig_passwd +rm -rf /lib/live/config/0030-user-setup +rm -rf /lib/live/config/0040-sudo diff --git a/data/live-build-config/hooks/18-disable_services.chroot b/data/live-build-config/hooks/18-enable-disable_services.chroot index c68a6b3d..68971405 100755 --- a/data/live-build-config/hooks/18-disable_services.chroot +++ b/data/live-build-config/hooks/18-enable-disable_services.chroot @@ -1,6 +1,6 @@ #!/bin/sh -echo I: Disabling services. +echo I: Enabling/Disabling services. systemctl disable exim4 /usr/sbin/update-rc.d -f exim4 remove systemctl disable isc-dhcp-server @@ -25,3 +25,4 @@ systemctl disable dnsmasq /usr/sbin/update-rc.d -f dnsmasq remove systemctl disable lldpd /usr/sbin/update-rc.d -f lldpd remove +systemctl enable ssh-session-cleanup diff --git a/data/live-build-config/includes.chroot/etc/systemd/system/sshd.service b/data/live-build-config/includes.chroot/etc/systemd/system/sshd.service deleted file mode 100644 index e84142bb..00000000 --- a/data/live-build-config/includes.chroot/etc/systemd/system/sshd.service +++ /dev/null @@ -1,16 +0,0 @@ -[Unit] -Description=OpenBSD Secure Shell server -After=network.target auditd.service -ConditionPathExists=!/etc/ssh/sshd_not_to_be_run - -[Service] -EnvironmentFile=-/etc/default/ssh -ExecStart=/usr/sbin/sshd -D $SSHD_OPTS -ExecReload=/bin/kill -HUP $MAINPID -ExecStop=/usr/bin/killall sshd -KillMode=process -Restart=on-failure - -[Install] -WantedBy=multi-user.target -Alias=sshd.service diff --git a/data/live-build-config/includes.chroot/lib/systemd/system/ssh-session-cleanup.service b/data/live-build-config/includes.chroot/lib/systemd/system/ssh-session-cleanup.service new file mode 100644 index 00000000..b8672722 --- /dev/null +++ b/data/live-build-config/includes.chroot/lib/systemd/system/ssh-session-cleanup.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenBSD Secure Shell session cleanup +Wants=network.target +After=network.target + +[Service] +ExecStart=/bin/true +ExecStop=/usr/lib/openssh/ssh-session-cleanup +RemainAfterExit=yes +Type=oneshot + +[Install] +WantedBy=multi-user.target diff --git a/data/live-build-config/includes.chroot/usr/lib/openssh/ssh-session-cleanup b/data/live-build-config/includes.chroot/usr/lib/openssh/ssh-session-cleanup new file mode 100755 index 00000000..f283cc96 --- /dev/null +++ b/data/live-build-config/includes.chroot/usr/lib/openssh/ssh-session-cleanup @@ -0,0 +1,11 @@ +#! /bin/sh + +ssh_session_pattern='sshd: \S.*@pts/[0-9]+' + +IFS="$IFS@" +pgrep -a -f "$ssh_session_pattern" | while read pid daemon user pty; do + echo "Found ${daemon%:} session $pid on $pty; sending SIGTERM" + kill "$pid" || true +done + +exit 0 |