[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: init scripts macros for openssh alternative

Circa 2003-03-07 12:45:38 -0500 dixit Robin Mordasiewicz:
: On Fri, 7 Mar 2003, Jim Knoble wrote:
: > Why not use the source RPM from the portable OpenSSH project as a
: > starting point?
: MY rpm has to be able to overwrite/remove the redhat openssh rpm and I
: want to package it so that it does not have separate server/client
: packages.

I suspect that this is your problem.  See below.

: the trouble is that when I upgrade the openssh rpm it seems that the
: very last thing that is done is that ssh is shut down. I am guessing
: that the %postun nad %preun scripts from the original package are
: run at the end of everything.
: I am upgrading the openssh-server package which has a trigger to
: shut down ssh if it is uninstalled.

Not a trigger, but a preuninstall scriptlet (triggers are different

    $ cat /etc/redhat-release 
    Red Hat Linux release 8.0.93 (Phoebe)
    $ rpm -q --scripts openssh-server
    preinstall scriptlet (through /bin/sh):
    /usr/sbin/useradd -c "Privilege-separated SSH" -u 74 \
            -s /sbin/nologin -r -d /var/empty/sshd sshd 2> /dev/null || :
    postinstall scriptlet (through /bin/sh):
    /sbin/chkconfig --add sshd
+-> preuninstall scriptlet (through /bin/sh):
|   if [ "$1" = 0 ]
|   then
|           /sbin/service sshd stop > /dev/null 2>&1 || :
|           /sbin/chkconfig --del sshd
+-> fi
    postuninstall scriptlet (through /bin/sh):
    /sbin/service sshd condrestart > /dev/null 2>&1 || :

Note the test at the beginning of the %preun scriptlet which checks to
see if you're upgrading the package---which, in this case, is
openssh-server.  If your package isn't called 'openssh-server', then
it's not an upgrade, even if your package has an 'Obsoletes:' directive.

: Is there somewhere I can specify in my spec file to not run trigger
: scripts from other rpm's when upgrading or is there a section that
: comes very very last after other triggers and scripts from other
: packages, where I can execute the start up script.

In this case, you're a bit out of luck, if you don't want sshd to be
killed during the upgrade; all you can do is something like:

  rpm --erase --noscripts openssh-server
  rpm -Uvh your-openssh-packages

If you don't really care whether sshd stops during the upgrade to your
packages (thus killing the ssh session you're performing the upgrade
from, for example), but instead whether sshd is running at the end of
the upgrade, then you can use a %triggerpostun scriptlet in the package
which is replacing openssh-server:

  %triggerpostun -- openssh-server
  if [ x"$2" = x"0" ]; then
    /sbin/chkconfig --add sshd || exit 1
    /sbin/service sshd start || exit 1

See /usr/share/doc/rpm-*/triggers.

(Note that, if you do this, you should carefully check how the
 /etc/ssh/sshd_config file looks after your replacement package is
 installed: Does it decrease security for your environment?  Does it
 decrease (or increase) availability to the system you're performing
 the upgrade on?)

Good luck.

jim knoble  |  jmknoble@pobox.com  |  http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
Stop the War on Freedom ... Start the War on Poverty!

Attachment: pgp00006.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []