From 9a82e15d79ac8ac5054b8512734bc520c5161ad5 Mon Sep 17 00:00:00 2001 From: Robert Fairley Date: Wed, 15 Apr 2020 03:05:44 -0400 Subject: [PATCH 1/2] issuegen: clean up code (variables, comments) Clean up code by minimizing the number of variables and shortening the variable names. Remove unneeded comments, and add a few more clarifying comments. Separate code into clearer blocks for different operations (generating SSH key information, udev data, and the final output issue file). --- ...ole-login-helper-messages-issuegen.service | 2 +- .../console-login-helper-messages/issuegen | 47 ++++++++++--------- 2 files changed, 26 insertions(+), 23 deletions(-) diff --git a/usr/lib/systemd/system/console-login-helper-messages-issuegen.service b/usr/lib/systemd/system/console-login-helper-messages-issuegen.service index d2ec5cf..9fc449f 100644 --- a/usr/lib/systemd/system/console-login-helper-messages-issuegen.service +++ b/usr/lib/systemd/system/console-login-helper-messages-issuegen.service @@ -1,5 +1,5 @@ [Unit] -Description=Generate /run/issue.d/console-login-helper-messages.issue +Description=Generate console-login-helper-messages issue snippet Before=systemd-user-sessions.service Wants=network-online.target After=network-online.target sshd-keygen.target diff --git a/usr/libexec/console-login-helper-messages/issuegen b/usr/libexec/console-login-helper-messages/issuegen index 400bcdb..2a91ca5 100755 --- a/usr/libexec/console-login-helper-messages/issuegen +++ b/usr/libexec/console-login-helper-messages/issuegen @@ -14,42 +14,45 @@ set -e PKG_NAME=console-login-helper-messages -ISSUE_DIR_PUBLIC=issue.d -ISSUE_DIR_PRIVATE="${PKG_NAME}/issue.d" -SSH_DIR=/etc/ssh +ISSUE_SNIPPETS_PATH=${PKG_NAME}/issue.d +ETC_SNIPPETS="/etc/${ISSUE_SNIPPETS_PATH}" +RUN_SNIPPETS="/run/${ISSUE_SNIPPETS_PATH}" +USR_LIB_SNIPPETS="/usr/lib/${ISSUE_SNIPPETS_PATH}" -# The public directories are to be read by higher-level programs to display -# the issue on login, e.g. agetty. -# The private directories are to be read only by this script. -mkdir -p "${SSH_DIR}" -mkdir -p "/run/${ISSUE_DIR_PUBLIC}" -mkdir -p "/run/${ISSUE_DIR_PRIVATE}" +# Parts of this script write to the `${RUN_SNIPPETS}` directory, +# make sure it is created upfront. +mkdir -p "${RUN_SNIPPETS}" -# Provide key fingerprints via issue + +# Provide key fingerprints via issue. +SSH_DIR=/etc/ssh +# Ensure `${SSH_DIR}` is created and can be searched without error. +mkdir -p "${SSH_DIR}" +SSH_KEY_OUTDIR="${RUN_SNIPPETS}" for KEY_FILE in $(find "${SSH_DIR}" -name 'ssh_host_*_key') ; do ssh-keygen -l -f "${KEY_FILE}" -done | awk '{print "SSH host key: " $2 " " $4}' > "/run/${ISSUE_DIR_PRIVATE}/21_ssh_host_keys.issue" +done | awk '{print "SSH host key: " $2 " " $4}' > "${SSH_KEY_OUTDIR}/21_ssh_host_keys.issue" + -# Data from udev rules +# Add/remove data from udev rules. +UDEV_IF_OUTDIR="${RUN_SNIPPETS}" case "${ACTION}" in add) - echo "${INTERFACE}: \\4{${INTERFACE}} \\6{${INTERFACE}}" > "/run/${ISSUE_DIR_PRIVATE}/22_${INTERFACE}.issue" + echo "${INTERFACE}: \\4{${INTERFACE}} \\6{${INTERFACE}}" > "${UDEV_IF_OUTDIR}/22_${INTERFACE}.issue" ;; remove) - rm -f "/run/${ISSUE_DIR_PRIVATE}/22_${INTERFACE}.issue" + rm -f "${UDEV_IF_OUTDIR}/22_${INTERFACE}.issue" ;; esac -# TODO: it would be nice to have /run/issue.d be an official directory, -# see https://github.com/karelzak/util-linux/commit/1fc82a1360305f696dc1be6105c9c56a9ea03f52#commitcomment-27949895 -# until then, $GENERATED_ISSUE writes to the privately scoped directory (not in /run/issue.d) -# -# Pick 40 as an index as other files can order around it easily. + +# Generate a final issue message from compiling the snippets. +# Pick 40 as a prefix as other files can order around it easily. generated_file="/run/${PKG_NAME}/40_${PKG_NAME}.issue" generated_string='' # Hack around files potentially not existing in the below paths with `|| true`. -generated_string+=$(cat /etc/${ISSUE_DIR_PRIVATE}/* 2>/dev/null || true) -generated_string+=$(cat /run/${ISSUE_DIR_PRIVATE}/* 2>/dev/null || true) -generated_string+=$(cat /usr/lib/${ISSUE_DIR_PRIVATE}/* 2>/dev/null || true) +generated_string+=$(cat ${ETC_SNIPPETS}/* 2>/dev/null || true) +generated_string+=$(cat ${RUN_SNIPPETS}/* 2>/dev/null || true) +generated_string+=$(cat ${USR_LIB_SNIPPETS}/* 2>/dev/null || true) echo "${generated_string}" > "${generated_file}" From abfced087975963258b4df6b3c59026f386b364f Mon Sep 17 00:00:00 2001 From: Robert Fairley Date: Wed, 22 Apr 2020 23:05:05 +0000 Subject: [PATCH 2/2] issuegen: set output paths based on util-linux version If the util-linux version installed is greater than or equal to 2.35, when support for /run/issue.d was added, set the the output paths so that /run/issue.d is utilized. The version check for util-linux is done by using `rpm` to check the version of an installed util-linux RPM package. For non-RPM-based systems, the output paths will take a default value of the private directory location /run/console-login-helper-messages/issue.d. `rpm` is chosen to perform the check as the only kown consumers of console-login-helper-messages are RPM-based distributions, however support could always later be added for Debian-based or other Linux distributions. --- .../console-login-helper-messages/issuegen | 34 +++++++++++++++---- 1 file changed, 28 insertions(+), 6 deletions(-) diff --git a/usr/libexec/console-login-helper-messages/issuegen b/usr/libexec/console-login-helper-messages/issuegen index 2a91ca5..0db9afd 100755 --- a/usr/libexec/console-login-helper-messages/issuegen +++ b/usr/libexec/console-login-helper-messages/issuegen @@ -15,27 +15,49 @@ set -e PKG_NAME=console-login-helper-messages ISSUE_SNIPPETS_PATH=${PKG_NAME}/issue.d + +# Snippet locations that are read by issuegen to generate combined snippet +# data, which is outputted in ${generated_file} (below). ETC_SNIPPETS="/etc/${ISSUE_SNIPPETS_PATH}" RUN_SNIPPETS="/run/${ISSUE_SNIPPETS_PATH}" USR_LIB_SNIPPETS="/usr/lib/${ISSUE_SNIPPETS_PATH}" -# Parts of this script write to the `${RUN_SNIPPETS}` directory, -# make sure it is created upfront. -mkdir -p "${RUN_SNIPPETS}" +# Output locations for snippets produced by issuegen. +SNIPPETS_OUTDIR="${RUN_SNIPPETS}" +GENERATED_FILE_OUTDIR="/run/${PKG_NAME}" + +# Check util-linux version, and set output directories accordingly. +# If not on an RPM-based system, then just continue keeping the output +# directories at their defaults. +if command -v rpm >/dev/null; then + UTIL_LINUX_VERSION=$(rpm -q --queryformat="%{version}" util-linux) + UTIL_LINUX_MAJOR_VERSION=$(echo ${UTIL_LINUX_VERSION} | awk -F '.' '{print $1}') + UTIL_LINUX_MINOR_VERSION=$(echo ${UTIL_LINUX_VERSION} | awk -F '.' '{print $2}') + # Check that util-linux-2.35 or higher is installed, which includes necessary + # support for /run/issue.d: https://github.com/karelzak/util-linux/commit/456bcbca6b55fbed33d9f86e69a51abd0e1b8f0b + if [[ ${UTIL_LINUX_MAJOR_VERSION} -gt 2 ]] || [[ ${UTIL_LINUX_MAJOR_VERSION} -eq 2 && ${UTIL_LINUX_MINOR_VERSION} -ge 35 ]]; then + SNIPPETS_OUTDIR=/run/issue.d + GENERATED_FILE_OUTDIR=/run/issue.d + fi +fi + +# Make sure the output directories are created upfront, so there is no error +# writing to them. +mkdir -p ${SNIPPETS_OUTDIR} ${GENERATED_FILE_OUTDIR} # Provide key fingerprints via issue. SSH_DIR=/etc/ssh # Ensure `${SSH_DIR}` is created and can be searched without error. mkdir -p "${SSH_DIR}" -SSH_KEY_OUTDIR="${RUN_SNIPPETS}" +SSH_KEY_OUTDIR="${SNIPPETS_OUTDIR}" for KEY_FILE in $(find "${SSH_DIR}" -name 'ssh_host_*_key') ; do ssh-keygen -l -f "${KEY_FILE}" done | awk '{print "SSH host key: " $2 " " $4}' > "${SSH_KEY_OUTDIR}/21_ssh_host_keys.issue" # Add/remove data from udev rules. -UDEV_IF_OUTDIR="${RUN_SNIPPETS}" +UDEV_IF_OUTDIR="${SNIPPETS_OUTDIR}" case "${ACTION}" in add) echo "${INTERFACE}: \\4{${INTERFACE}} \\6{${INTERFACE}}" > "${UDEV_IF_OUTDIR}/22_${INTERFACE}.issue" @@ -48,7 +70,7 @@ esac # Generate a final issue message from compiling the snippets. # Pick 40 as a prefix as other files can order around it easily. -generated_file="/run/${PKG_NAME}/40_${PKG_NAME}.issue" +generated_file="${GENERATED_FILE_OUTDIR}/40_${PKG_NAME}.issue" generated_string='' # Hack around files potentially not existing in the below paths with `|| true`. generated_string+=$(cat ${ETC_SNIPPETS}/* 2>/dev/null || true)