blob: ba1d1cdd3b5c8e388b2b69c0637625e5e5bae9d5 (
about) (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
config() {
NEW="$1"
OLD="`dirname $NEW`/`basename $NEW .new`"
# If there's no config file by that name, mv it over:
if [ ! -r $OLD ]; then
mv $NEW $OLD
elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
rm $NEW
fi
# Otherwise, we leave the .new copy for the admin to consider...
}
preserve_perms() {
NEW="$1"
OLD="$(dirname ${NEW})/$(basename ${NEW} .new)"
if [ -e ${OLD} ]; then
cp -a ${OLD} ${NEW}.incoming
cat ${NEW} > ${NEW}.incoming
touch -r ${NEW} ${NEW}.incoming
mv ${NEW}.incoming ${NEW}
fi
config ${NEW}
}
if [ -r etc/pam.d/sshd.new ]; then
config etc/pam.d/sshd.new
fi
config etc/default/sshd.new
config etc/ssh/ssh_config.new
config etc/ssh/sshd_config.new
preserve_perms etc/rc.d/rc.sshd.new
if [ -e etc/rc.d/rc.sshd.new ]; then
mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd
fi
# If the sshd user/group/shadow don't exist, add them:
if ! grep -q "^sshd:" etc/passwd ; then
echo "sshd:x:33:33:sshd:/:" >> etc/passwd
fi
if ! grep -q "^sshd:" etc/group ; then
echo "sshd::33:sshd" >> etc/group
fi
if ! grep -q "^sshd:" etc/shadow ; then
echo "sshd:*:9797:0:::::" >> etc/shadow
fi
# Add a btmp file to store login failure if one doesn't exist:
if [ ! -r var/log/btmp ]; then
( cd var/log ; umask 077 ; touch btmp )
fi
|
