[lxc-devel] [PATCH 1/2] debian: Support ssh host keys regeneration
Serge Hallyn
serge.hallyn at ubuntu.com
Wed Jan 15 14:43:40 UTC 2014
Quoting Stéphane Graber (stgraber at ubuntu.com):
> Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> ---
> templates/lxc-debian.in | 24 ++++++++++++++++++++++++
> 1 file changed, 24 insertions(+)
>
> diff --git a/templates/lxc-debian.in b/templates/lxc-debian.in
> index d6f07b9..f399c0b 100644
> --- a/templates/lxc-debian.in
> +++ b/templates/lxc-debian.in
> @@ -93,6 +93,30 @@ EOF
> chroot $rootfs /usr/sbin/update-rc.d -f hwclock.sh remove
> chroot $rootfs /usr/sbin/update-rc.d -f hwclockfirst.sh remove
>
> + # generate new SSH keys
> + if [ -x $rootfs/var/lib/dpkg/info/openssh-server.postinst ]; then
> + cat > $rootfs/usr/sbin/policy-rc.d << EOF
> +#!/bin/sh
> +exit 101
> +EOF
> + chmod +x $rootfs/usr/sbin/policy-rc.d
> +
> + if [ -f $rootfs/etc/init/ssh.conf ]; then
> + mv $rootfs/etc/init/ssh.conf $rootfs/etc/init/ssh.conf.disabled
> + fi
> +
> + rm -f $rootfs/etc/ssh/ssh_host_*key*
> +
> + DPKG_MAINTSCRIPT_PACKAGE=openssh DPKG_MAINTSCRIPT_NAME=postinst chroot $rootfs /var/lib/dpkg/info/openssh-server.postinst configure
> + sed -i "s/root@$(hostname)/root@$hostname/g" $rootfs/etc/ssh/ssh_host_*.pub
> +
> + if [ -f "$rootfs/etc/init/ssh.conf.disabled" ]; then
> + mv $rootfs/etc/init/ssh.conf.disabled $rootfs/etc/init/ssh.conf
> + fi
> +
> + rm -f $rootfs/usr/sbin/policy-rc.d
> + fi
> +
> # set initial timezone as on host
> if [ -f /etc/timezone ]; then
> cat /etc/timezone > $rootfs/etc/timezone
> --
> 1.8.5.2
>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel
More information about the lxc-devel
mailing list