From b3e31ba228d32c318872fb68edda272f679e1004 Mon Sep 17 00:00:00 2001
From: Ryan Harper <ryan.harper@canonical.com>
Date: Tue, 12 Oct 2021 09:31:36 -0500
Subject: Inhibit sshd-keygen@.service if cloud-init is active (#1028)

In some cloud-init enabled images the sshd-keygen@.service
may race with cloud-init and prevent ssh host keys from being
generated or generating host keys twice slowing boot and  consuming
additional entropy during boot.  This drop-in unit adds a condition to
the sshd-keygen@.service which prevents running if cloud-init is active.
---
 systemd/disable-sshd-keygen-if-cloud-init-active.conf | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 systemd/disable-sshd-keygen-if-cloud-init-active.conf

(limited to 'systemd')

diff --git a/systemd/disable-sshd-keygen-if-cloud-init-active.conf b/systemd/disable-sshd-keygen-if-cloud-init-active.conf
new file mode 100644
index 00000000..71e35876
--- /dev/null
+++ b/systemd/disable-sshd-keygen-if-cloud-init-active.conf
@@ -0,0 +1,8 @@
+# In some cloud-init enabled images the sshd-keygen template service may race
+# with cloud-init during boot causing issues with host key generation.  This
+# drop-in config adds a condition to sshd-keygen@.service if it exists and
+# prevents the sshd-keygen units from running *if* cloud-init is going to run.
+#
+[Unit]
+ConditionPathExists=!/run/systemd/generator.early/multi-user.target.wants/cloud-init.target
+EOF
-- 
cgit v1.2.3