From mboxrd@z Thu Jan  1 00:00:00 1970
Return-path: <ptxdist-bounces@pengutronix.de>
Received: from mo4-p00-ob.smtp.rzone.de ([85.215.255.22])
 by metis.ext.pengutronix.de with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <artur@4wiebe.de>) id 1kdZvn-0004ES-Dh
 for ptxdist@pengutronix.de; Fri, 13 Nov 2020 15:20:04 +0100
From: Artur Wiebe <artur@4wiebe.de>
Date: Fri, 13 Nov 2020 15:19:55 +0100
Message-Id: <20201113141955.3477005-1-artur@4wiebe.de>
MIME-Version: 1.0
Subject: [ptxdist] [PATCH] DRAFT: openssh: make host key generation optional
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ptxdist-bounces@pengutronix.de
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Artur Wiebe <artur@4wiebe.de>

How can openssh.postinst be disabled from within the rule files?
---
 rules/openssh.in   | 14 ++++++++++----
 rules/openssh.make |  2 ++
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/rules/openssh.in b/rules/openssh.in
index 09f5c5555..f9d1affbd 100644
--- a/rules/openssh.in
+++ b/rules/openssh.in
@@ -6,10 +6,10 @@ menuconfig OPENSSH
 	select OPENSSL
 	select LIBC_CRYPT
 	select LIBC_UTIL
-	select RC_ONCE if OPENSSH_SSHD && RUNTIME
+	select RC_ONCE if OPENSSH_SSHD_GENKEYS && RUNTIME
 	select BUSYBOX_START_STOP_DAEMON if OPENSSH_SSHD_STARTSCRIPT
 	select LIBSELINUX if GLOBAL_SELINUX
-	select OPENSSH_KEYGEN if OPENSSH_SSHD
+	select OPENSSH_KEYGEN if OPENSSH_SSHD_GENKEYS
 	prompt "openssh                       "
 	help
 	  secure shell client/server, an rlogin/rsh/rcp replacement
@@ -40,15 +40,21 @@ config OPENSSH_SSHD
 config OPENSSH_SSHD_STARTSCRIPT
 	bool
 	default y
-	depends on OPENSSH_SSHD
+	depends on OPENSSH_SSHD && INITMETHOD_BBINIT
 	prompt "install /etc/init.d/openssh"
 
 config OPENSSH_SSHD_SYSTEMD_UNIT
 	bool
 	default y
-	depends on OPENSSH_SSHD && SYSTEMD
+	depends on OPENSSH_SSHD && INITMETHOD_SYSTEMD
 	prompt "install systemd unit files for sshd"
 
+config OPENSSH_SSHD_GENKEYS
+	bool
+	default y
+	depends on OPENSSH_SSHD
+	prompt "generate sshd host keys at first boot"
+
 config OPENSSH_SCP
 	bool "scp"
 	help
diff --git a/rules/openssh.make b/rules/openssh.make
index cae04487f..0da2f23cd 100644
--- a/rules/openssh.make
+++ b/rules/openssh.make
@@ -105,8 +105,10 @@ ifdef PTXCONF_OPENSSH_SSHD
 		/etc/ssh/moduli)
 	@$(call install_copy, openssh, 0, 0, 0755, -, \
 		/usr/sbin/sshd)
+ifdef OPENSSH_SSHD_GENKEYS
 	@$(call install_alternative, openssh, 0, 0, 0755, /etc/rc.once.d/openssh)
 endif
+endif
 
 ifdef PTXCONF_INITMETHOD_BBINIT
 ifdef PTXCONF_OPENSSH_SSHD_STARTSCRIPT
-- 
2.29.2


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de