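###
### Copyright 2000-2007 University of Illinois Board of Trustees
### All rights reserved.
###
### sshd.pm - sshd module for psgconf
###
### Campus Information Technologies and Educational Services
### University of Illinois at Urbana-Champaign
###

package PSGConf::Control::sshd;

use strict;
use warnings;

use PSGConf::Action::RestartDaemon;
use PSGConf::Action::GenerateFile::sshd_config;
use PSGConf::Data::Boolean;
use PSGConf::Data::List;
use PSGConf::Data::Hash;
use PSGConf::Data::String;
use PSGConf::Control::Packages qw(_add_pkgs);


###############################################################################
###  Constructor
###############################################################################

### Build the control object, register the ssh/sshd data objects with
### their defaults, and register the three policy methods defined below.
###
###   $class   - class name to bless into
###   $psgconf - psgconf object that receives the registrations
###
### Returns the new control object.
sub new {
    my ($class, $psgconf) = @_;

    my $self = bless({}, $class);

    ### So that _add_pkgs knows which directives to look at
    $self->{name}     = 'sshd';
    $self->{enable}   = $self->{name} . '_enable';
    $self->{packages} = $self->{name} . '_packages';

    $psgconf->register_data(
        'sshd_enable' => PSGConf::Data::Boolean->new(
            value => 'true',
        ),
        'sshd_config_dir' => PSGConf::Data::String->new(
            'value_abspath' => 1,
            value           => '/etc'
        ),
        'sshd_listen_addrs' => PSGConf::Data::Hash->new(
            'value_optional' => 1
        ),
        'ssh_enable' => PSGConf::Data::Boolean->new(
            value => 'true',
        ),
        'ssh_options'     => PSGConf::Data::Hash->new(),
        'sshd_options'    => PSGConf::Data::Hash->new(),
        'ssh_packages'    => PSGConf::Data::List->new(),
        'sshd_packages'   => PSGConf::Data::List->new(),
        'sshd_subsystems' => PSGConf::Data::Hash->new(),
        'sshd_cmd' => PSGConf::Data::String->new(
            'value_abspath' => 1,
            value           => "/usr/sbin/sshd",
        )
    );

    $psgconf->register_policy($self,
        sshd_default_pidfile   => '_policy_default_pidfile',
        sshd_enable_rc_scripts => '_policy_enable_rc_scripts',
        ssh_add_packages       => '_policy_add_packages'
    );

    return $self;
}


###############################################################################
###  policy method
###############################################################################

### Run _add_pkgs twice: once for the sshd_* directives set up in new(),
### and once for the ssh_* directives.
sub _policy_add_packages {
    my ($self, $psgconf) = @_;

    ### Call the _add_pkgs for the sshd stuff.
    $self->_add_pkgs($psgconf);

    ### Now point the directive names at ssh itself and call again.
    ### local() puts the sshd_* names back when this sub returns, so a
    ### second invocation of the policy starts from the same state as the
    ### first instead of processing the ssh_* directives twice.
    ### NOTE(review): assumes _add_pkgs reads these keys during the call
    ### and does not defer the lookup - confirm against
    ### PSGConf::Control::Packages.
    local $self->{enable}   = 'ssh_enable';
    local $self->{packages} = 'ssh_packages';

    return $self->_add_pkgs($psgconf);
}


### set default pidfile location
###
### Inserts PidFile => <pidfile_dir>/sshd.pid into sshd_options, but only
### when find('PidFile') returns undef, so an explicit setting wins.
sub _policy_default_pidfile {
    my ($self, $psgconf) = @_;

    my $sshd_options = $psgconf->data_obj('sshd_options');

    if (!defined $sshd_options->find('PidFile')) {
        $sshd_options->insert(
            {
                'PidFile' => $psgconf->data_obj('pidfile_dir')->get()
                             . '/sshd.pid'
            }
        );
    }
}


### Register an 'sshd' entry in rc_scripts when sshd_enable is true.
###
### The stop command is a shell string that interpolates the PidFile
### option, so the value is checked before it is used:
###   - an undefined or empty PidFile would yield "kill `cat `", where cat
###     reads standard input instead of a pidfile;
###   - whitespace or shell metacharacters in the path would be interpreted
###     by the shell that runs the stop command.
### Either case dies rather than registering the command.  For any other
### value the stop_cmd string is the same as before.
### NOTE(review): die() is used because no psgconf error-reporting call is
### visible in this file - switch to the framework's mechanism if it has one.
sub _policy_enable_rc_scripts {
    my ($self, $psgconf) = @_;

    my $pidfile = $psgconf->data_obj('sshd_options')->find('PidFile');

    if ($psgconf->data_obj('sshd_enable')->equals('true')) {
        die "sshd: no PidFile set in sshd_options; "
            . "refusing to build an rc stop command"
            if (!defined $pidfile || $pidfile eq '');

        die "sshd: PidFile '$pidfile' contains whitespace or shell "
            . "metacharacters; refusing to build an rc stop command"
            if ($pidfile =~ /[\s`\$\\"';&|<>()*?\[\]]/);

        $psgconf->data_obj('rc_scripts')->insert(
            {
                'sshd' => {
                    'state'     => 'enable',
                    'start_cmd' => $psgconf->data_obj('sshd_cmd')->get(),
                    'stop_cmd'  => "kill `cat $pidfile`"
                }
            }
        );
    }
}


###############################################################################
###  decide() method
###############################################################################

### Register the actions for this run:
###   - when sshd_enable is true, generate <config_dir>/sshd_config and
###     register a RestartDaemon action for sshd;
###   - when ssh_enable is true, generate <config_dir>/ssh_config.
sub decide {
    my ($self, $psgconf) = @_;

    my $config_dir = $psgconf->data_obj('sshd_config_dir')->get();

    if ($psgconf->data_obj('sshd_enable')->equals('true')) {
        $psgconf->register_actions(
            PSGConf::Action::GenerateFile::sshd_config->new(
                name         => $config_dir . '/sshd_config',
                description  => 'sshd configuration file',
                listen_addrs => $psgconf->data_obj('sshd_listen_addrs')->get(),
                ### The host key list is whatever matches on disk when
                ### decide() runs.
                ### NOTE(review): glob() splits its pattern on whitespace,
                ### so a config dir containing spaces would not match as
                ### intended.
                host_keys    => [ glob($config_dir . '/ssh_host_*key') ],
                options      => $psgconf->data_obj('sshd_options')->get(),
                subsystems   => $psgconf->data_obj('sshd_subsystems')->get()
            ),
            PSGConf::Action::RestartDaemon->new(
                name     => 'sshd',
                ### NOTE(review): find() returns undef when no PidFile
                ### option is set; confirm RestartDaemon copes with that.
                pidfile  => $psgconf->data_obj('sshd_options')->find('PidFile'),
                filename => [
                    $config_dir . '/sshd_config',
                    # FIXME: Need to check that the sshd
                    # command was updated so we know to bounce
                    # the daemon itself.
                    $psgconf->data_obj('sshd_cmd')->get()
                ]
            )
        );
    }

    if ($psgconf->data_obj('ssh_enable')->equals('true')) {
        $psgconf->register_actions(
            PSGConf::Action::GenerateFile::sshd_config->new(
                'name'        => $config_dir . '/ssh_config',
                'description' => 'ssh configuration file',
                'options'     => $psgconf->data_obj('ssh_options')->get()
            )
        );
    }
}


###############################################################################
###  documentation
###############################################################################

1;

__END__

=head1 NAME

PSGConf::Control::sshd - psgconf control class for sshd

=head1 SYNOPSIS

In F:

  Control PSGConf::Control::sshd

=head1 DESCRIPTION

The B module provides a B control object for configuring C. It supports
the following methods:

=over 4

=item new()

The constructor. Its parameter is a reference to the B object. It
registers the following data objects:

=over 4

=item I

A B object to decide whether F should be managed.

=item I

A B object to decide whether F should be managed.

=item I

A B object containing the SSH packages to install.

=item I

A B object containing the SSH server packages to install.

=item I

A B object that contains the absolute path to the directory containing
C config files. The default is F.

=item I

A B object whose keys are a list of addresses to listen on.

=item I

A B object containing C options and their settings.

=item I

A B object containing C options and their settings.

=item I

A B object containing C subsystems. The hash key is the name of the
subsystem, and the value is the program that implements the subsystem.

=back

The constructor also registers the following policy methods:

=over 4

=item I

If the I object does not contain an entry for the C option, set it to
F/sshd.pid>. (The I object is provided by the B module.)

=item I

Modifies the I data object (provided by B) to enable C, based on the F
data object.

=back

=item decide()

Registers B action objects to create F and F, if F and I are set
(respectively).

=back

=head1 SEE ALSO

L sshd(8) L L L L L L L L L L L L

=cut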