Adding support for LXC in openssh-server component for openssh 6.2p2-2 and newer.
authorDaniel Baumann <mail@daniel-baumann.ch>
Fri, 29 Nov 2013 12:52:13 +0000 (13:52 +0100)
committerDaniel Baumann <mail@daniel-baumann.ch>
Fri, 29 Nov 2013 12:56:29 +0000 (13:56 +0100)
components/0210-openssh-server
components/0210-openssh-server.templates

index de227c9..76c438a 100755 (executable)
 
 set -e
 
+DEBCONF_SYSTEMRC="/var/lib/live/debconfig/systemrc"
+export DEBCONF_SYSTEMRC
+
+. /usr/share/debconf/confmodule
+
+if [ ! -e /etc/ssh/sshd_config ]
+then
+       # System does not use openssh-server
+       exit 0
+fi
+
+Defaults ()
+{
+       _LXC_ENABLE="${_LXC_ENABLE:-false}"
+}
+
+db_get live-debconfig/openssh-server/lxc-enable
+_LXC_ENABLE="${RET}" # boolean
+
+Defaults
+
+db_set live-debconfig/openssh-server/lxc-enable "${_LXC_ENABLE}"
+db_fset live-debconfig/openssh-server/lxc-enable seen false
+
+db_settitle live-debconfig/title
+db_input high live-debconfig/openssh-server/lxc-enable || true
+db_go
+
+db_get live-debconfig/openssh-server/lxc-enable
+_LXC_ENABLE="${RET}" # boolean
+
+db_stop
+
+# Disabling loginuid (requires read-write proc filesystem)
+case "${_LXC_ENABLE}" in
+       true)
+               if grep -E -qs "^ *session *required *pam_loginuid.so" /etc/pam.d/sshd
+               then
+                       sed -i -e 's|^.*\(session.*required.*pam_loginuid.so\)$|#\1|' /etc/pam.d/sshd
+               fi
+               ;;
+
+       false)
+               if grep -E -qs "^# *session *required *pam_loginuid.so" /etc/pam.d/sshd
+               then
+                       sed -i -e 's|^#.*\(session.*required.*pam_loginuid.so\)$|\1|' /etc/pam.d/sshd
+               fi
+               ;;
+esac
+
 # Recreating openssh-server host keys
 for _PROTOCOL in dsa rsa ecdsa
 do
index 8b13789..ae4fd0c 100644 (file)
@@ -1 +1,11 @@
+Template: live-debconfig/title
+Type: title
+Description: live-debconfig: System Configuration
 
+Template: live-debconfig/openssh-server/lxc-enable
+Type: boolean
+Default:
+Description: live-debconfig: Enable LXC?
+ Should Linux Container (LXC) support  be enabled?
+ .
+ This defaults to false.