From b3e31ba228d32c318872fb68edda272f679e1004 Mon Sep 17 00:00:00 2001
From: Ryan Harper <ryan.harper@canonical.com>
Date: Tue, 12 Oct 2021 09:31:36 -0500
Subject: Inhibit sshd-keygen@.service if cloud-init is active (#1028)

In some cloud-init enabled images the sshd-keygen@.service
may race with cloud-init and prevent ssh host keys from being
generated or generating host keys twice slowing boot and  consuming
additional entropy during boot.  This drop-in unit adds a condition to
the sshd-keygen@.service which prevents running if cloud-init is active.
---
 packages/redhat/cloud-init.spec.in | 1 +
 packages/suse/cloud-init.spec.in   | 1 +
 2 files changed, 2 insertions(+)

(limited to 'packages')

diff --git a/packages/redhat/cloud-init.spec.in b/packages/redhat/cloud-init.spec.in
index b930709b..22db4b50 100644
--- a/packages/redhat/cloud-init.spec.in
+++ b/packages/redhat/cloud-init.spec.in
@@ -182,6 +182,7 @@ fi
 
 %if "%{init_system}" == "systemd"
 /usr/lib/systemd/system-generators/cloud-init-generator
+%{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf
 %{_unitdir}/cloud-*
 %else
 %attr(0755, root, root) %{_initddir}/cloud-config
diff --git a/packages/suse/cloud-init.spec.in b/packages/suse/cloud-init.spec.in
index 004b875f..da8107b4 100644
--- a/packages/suse/cloud-init.spec.in
+++ b/packages/suse/cloud-init.spec.in
@@ -126,6 +126,7 @@ version_pys=$(cd "%{buildroot}" && find . -name version.py -type f)
 
 %{_sysconfdir}/dhcp/dhclient-exit-hooks.d/hook-dhclient
 %{_sysconfdir}/NetworkManager/dispatcher.d/hook-network-manager
+%{_sysconfdir}/systemd/system/sshd-keygen@.service.d/disable-sshd-keygen-if-cloud-init-active.conf
 
 # Python code is here...
 %{python_sitelib}/*
-- 
cgit v1.2.3