move key generation from postinst to initscript. add support for read-only rootfs.

BKrev: 41444c2cb4cjCn2Y7PHX_qf8eBFYWg

2 files changed, 97 insertions, 11 deletions

diff --git a/dropbear/dropbear/init b/dropbear/dropbear/init
index e69de29bb2..134229bf26 100644
--- a/dropbear/dropbear/init
+++ b/dropbear/dropbear/init
@@ -0,0 +1,96 @@
+#!/bin/sh
+#
+# Do not configure this file. Edit /etc/default/dropbear instead!
+#
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/dropbear
+NAME=dropbear
+DESC="Dropbear SSH server"
+
+DROPBEAR_PORT=22
+DROPBEAR_EXTRA_ARGS=
+NO_START=0
+
+set -e
+
+test ! -r /etc/default/dropbear || . /etc/default/dropbear
+test "$NO_START" = "0" || exit 0
+test -x "$DAEMON" || exit 0
+test ! -h /var/service/dropbear || exit 0
+
+readonly_rootfs=0
+for flag in `awk '{ if ($2 == "/") { split($4,FLAGS,",") } }; END { for (f in FLAGS) print FLAGS[f] }' </proc/mounts`; do
+  case flag in
+   ro)
+     readonly_rootfs=1
+     ;;
+  esac
+done
+
+if [ $readonly_rootfs = "1" ]; then
+  mkdir -p /var/lib/dropbear
+  DROPBEAR_RSAKEY_DEFAULT="/var/lib/dropbear/dropbear_rsa_host_key"
+  DROPBEAR_DSSKEY_DEFAULT="/var/lib/dropbear/dropbear_dss_host_key"
+else
+  DROPBEAR_RSAKEY_DEFAULT="/etc/dropbear/dropbear_rsa_host_key"
+  DROPBEAR_DSSKEY_DEFAULT="/etc/dropbear/dropbear_dss_host_key"
+fi
+
+test -z "$DROPBEAR_BANNER" || \
+  DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER"
+test -n "$DROPBEAR_RSAKEY" || \
+  DROPBEAR_RSAKEY=$DROPBEAR_RSAKEY_DEFAULT
+test -n "$DROPBEAR_DSSKEY" || \
+  DROPBEAR_DSSKEY=$DROPBEAR_DSSKEY_DEFAULT
+test -n "$DROPBEAR_KEYTYPES" || \
+  DROPBEAR_KEYTYPES="rsa"
+
+KEY_ARGS=""
+test -f $DROPBEAR_DSSKEY && KEY_ARGS="$KEY_ARGS -d \"$DROPBEAR_DSSKEY\""
+test -f $DROPBEAR_RSAKEY && KEY_ARGS="$KEY_ARGS -r \"$DROPBEAR_RSAKEY\""
+
+gen_keys() {
+for t in $DROPBEAR_KEYTYPES; do
+  case $t in
+    rsa)
+        test -f $DROPBEAR_RSAKEY || dropbearkey -t rsa -f $DROPBEAR_RSAKEY
+	;;
+    dsa)
+        test -f $DROPBEAR_DSSKEY || dropbearkey -t dss -f $DROPBEAR_DSSKEY
+	;;
+  esac
+done
+}
+
+case "$1" in
+  start)
+	echo -n "Starting $DESC: "
+	gen_keys
+	start-stop-daemon -S \
+	  -x "$DAEMON" -- $KEY_ARGS \
+	    -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
+	echo "$NAME."
+	;;
+  stop)
+	echo -n "Stopping $DESC: "
+	start-stop-daemon -K -x "$DAEMON"
+	echo "$NAME."
+	;;
+  restart|force-reload)
+	echo -n "Restarting $DESC: "
+	start-stop-daemon -K -x "$DAEMON"
+	sleep 1
+	start-stop-daemon -S \
+	  -x "$DAEMON" -- $KEY_ARGS \
+	    -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS
+	echo "$NAME."
+	;;
+  *)
+	N=/etc/init.d/$NAME
+	echo "Usage: $N {start|stop|restart|force-reload}" >&2
+	exit 1
+	;;
+esac
+
+exit 0
diff --git a/dropbear/dropbear_0.43+0.44test3.oe b/dropbear/dropbear_0.43+0.44test3.oe
index b29ce2da28..8a08e48f0a 100644
--- a/dropbear/dropbear_0.43+0.44test3.oe
+++ b/dropbear/dropbear_0.43+0.44test3.oe
@@ -1,7 +1,7 @@
 DESCRIPTION = "Dropbear SSH Implementation"
 LICENSE = "MIT"
 DEPENDS = "zlib ncurses"
-PR = "r2"
+PR = "r3"
 RV = "0.44test3"
 
 SRC_URI = "http://matt.ucc.asn.au/dropbear/testing/dropbear-${RV}.tar.bz2 \
@@ -48,16 +48,6 @@ do_install () {
 	chmod 755 ${D}/${sysconfdir}/init.d/dropbear
 }
 
-pkg_postinst_append () {
-  if [ -n "$D"  ]; then exit 1; fi
-  if [ ! -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then
-        dropbearkey -t rsa -f ${sysconfdir}/dropbear/dropbear_rsa_host_key
-  fi
-  #if [ ! -f "${sysconfdir}/dropbear/dropbear_dss_host_key" ]; then
-  #       dropbearkey -t dss -f ${sysconfdir}/dropbear/dropbear_dss_host_key
-  #fi
-}
-
 pkg_postrm_append () {
   if [ -f "${sysconfdir}/dropbear/dropbear_rsa_host_key" ]; then
         rm ${sysconfdir}/dropbear/dropbear_rsa_host_key