[lxc-devel] [PATCH 1/2] debian: Support ssh host keys regeneration
Stéphane Graber
stgraber at ubuntu.com
Tue Jan 14 23:14:44 UTC 2014
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
templates/lxc-debian.in | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/templates/lxc-debian.in b/templates/lxc-debian.in
index d6f07b9..f399c0b 100644
--- a/templates/lxc-debian.in
+++ b/templates/lxc-debian.in
@@ -93,6 +93,30 @@ EOF
chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
+ # generate new SSH keys
+ if [ -x $rootfs/var/lib/dpkg/info/openssh-server.postinst ]; then
+ cat > $rootfs/usr/sbin/policy-rc.d << EOF
+#!/bin/sh
+exit 101
+EOF
+ chmod +x $rootfs/usr/sbin/policy-rc.d
+
+ if [ -f $rootfs/etc/init/ssh.conf ]; then
+ mv $rootfs/etc/init/ssh.conf $rootfs/etc/init/ssh.conf.disabled
+ fi
+
+ rm -f $rootfs/etc/ssh/ssh_host_*key*
+
+ DPKG_MAINTSCRIPT_PACKAGE=openssh DPKG_MAINTSCRIPT_NAME=postinst chroot $rootfs /var/lib/dpkg/info/openssh-server.postinst configure
+ sed -i "s/root@$(hostname)/root@$hostname/g" $rootfs/etc/ssh/ssh_host_*.pub
+
+ if [ -f "$rootfs/etc/init/ssh.conf.disabled" ]; then
+ mv $rootfs/etc/init/ssh.conf.disabled $rootfs/etc/init/ssh.conf
+ fi
+
+ rm -f $rootfs/usr/sbin/policy-rc.d
+ fi
+
# set initial timezone as on host
if [ -f /etc/timezone ]; then
cat /etc/timezone > $rootfs/etc/timezone
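Review bot: The exit status of the `openssh-server.postinst configure` call is never checked, so if key generation fails after `rm -f $rootfs/etc/ssh/ssh_host_*key*`, the template carries on: the following `sed -i` runs against an unmatched glob and the container ends up with no host keys and no clear error. I would test the call and confirm a key exists before rewriting the comment, e.g. `[ -n "$(ls $rootfs/etc/ssh/ssh_host_*.pub 2>/dev/null)" ] || echo "Failed to regenerate SSH host keys" >&2`, using whatever error convention the enclosing function follows (it starts and ends outside this hunk). The temporary `policy-rc.d` and the `ssh.conf.disabled` rename are only undone on the straight-line path; if the script aborts on error (not visible here), the rootfs would keep a `policy-rc.d` that blocks every service start, so that cleanup belongs in a trap or a common exit path. `$rootfs` is also unquoted everywhere except the second `ssh.conf.disabled` test, so a container path containing spaces would break the `rm -f` and `mv` lines; quote it consistently, as in `rm -f "$rootfs"/etc/ssh/ssh_host_*key*`.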
--
1.8.5.2