From 72b4eadc2db6ed72625f3322f466d21c556ef69b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 15:58:51 -0400
Subject: [PATCH 1/9] import from autossh package
---
 files/autossh.init.d | 98 ++++++++++++++++++++++++++++++++++++++++++++
 manifests/autossh.pp | 34 +++++++++++++++
 2 files changed, 132 insertions(+)
 create mode 100644 files/autossh.init.d
 create mode 100644 manifests/autossh.pp
diff --git a/files/autossh.init.d b/files/autossh.init.d
new file mode 100644
index 0000000..fb3c57f
--- /dev/null
+++ b/files/autossh.init.d
@@ -0,0 +1,98 @@
+#! /bin/sh
+
+### BEGIN INIT INFO
+# Provides: autossh
+# Required-Start: $remote_fs $syslog $network
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Autossh for isuma
+### END INIT INFO
+
+set -e
+
+umask 022
+
+if test -f /etc/default/isuma-autossh; then
+ . /etc/default/isuma-autossh
+fi
+
+. /lib/lsb/init-functions
+
+export PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+case "$1" in
+ start)
+ log_daemon_msg "Starting Autossh for isuma" "autossh"
+ if start-stop-daemon --quiet --start --background --pidfile /var/run/autossh-isuma.pid --make-pidfile --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ stop)
+ log_daemon_msg "Stopping Autossh for isuma" "autossh"
+ if start-stop-daemon --stop --quiet --pidfile /var/run/autossh-isuma.pid ; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+
+ reload|force-reload)
+ log_daemon_msg "Reloading Autossh for isuma's configuration" "autossh"
+ if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/autossh-isuma.pid; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+
+ restart)
+ log_daemon_msg "Restarting Autossh for isuma" "autossh"
+ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/autossh-isuma.pid
+ if start-stop-daemon --start --quiet -b --make-pidfile --pidfile /var/run/autossh-isuma.pid --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+
+ try-restart)
+ log_daemon_msg "Restarting Autossh for isuma" "autossh"
+ set +e
+ start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/autossh-isuma.pid
+ RET="$?"
+ set -e
+ case $RET in
+ 0)
+ # old daemon stopped
+ if start-stop-daemon --start --quiet --oknodo -b --pidfile /var/run/autossh-isuma.pid --make-pidfile --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
+ log_end_msg 0
+ else
+ log_end_msg 1
+ fi
+ ;;
+ 1)
+ # daemon not running
+ log_progress_msg "(not running)"
+ log_end_msg 0
+ ;;
+ *)
+ # failed to stop
+ log_progress_msg "(failed to stop)"
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+
+ status)
+ status_of_proc -p /var/run/autossh-isuma.pid /usr/sbin/autossh autossh && exit 0 || exit $?
+ ;;
+
+ *)
+ log_action_msg "Usage: /etc/init.d/isuma-autossh {start|stop|reload|force-reload|restart|try-restart|status}"
+ exit 1
+esac
+
+exit 0
diff --git a/manifests/autossh.pp b/manifests/autossh.pp
new file mode 100644
index 0000000..80d571b
--- /dev/null
+++ b/manifests/autossh.pp
@@ -0,0 +1,34 @@
+class sshd::autossh($host,
+ $port = undef, # this should be a remote->local hash
+ $remote_user = undef,
+) {
+ if $port {
+ $port_ensure = $port
+ }
+ else {
+ # random port between 10000 and 20000
+ $port_ensure = fqdn_rand(10000) + 10000
+ }
+ if $remote_user {
+ $remote_user_ensure = $remote_user
+ }
+ else {
+ $remote_user_ensure = "host-$fqdn"
+ }
+ file {
+ '/etc/init.d/autossh':
+ mode => '0555',
+ source => 'puppet:///modules/sshd/autossh.init.d';
+ '/etc/default/autossh':
+ mode => '0444',
+ content => "DAEMON_OPTS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $user_ensure@$host'\n";
+ }
+ service { 'autossh':
+ ensure => running,
+ enable => true,
+ subscribe => [
+ File['/etc/init.d/autossh'],
+ File['/etc/default/autossh']
+ ],
+ }
+}
From baf0a425d25294f2d218419cfd8e77be56168a95 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 15:59:16 -0400
Subject: [PATCH 2/9] remove traces of isuma vendor
---
 files/autossh.init.d | 26 ++++++++++++++------------
 manifests/autossh.pp | 10 +++++++---
 2 files changed, 21 insertions(+), 15 deletions(-)
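Review bot: Every start path in the new init script (patch 1/9) expands `$AUTOSSH_ISUMA_OPTS` after sourcing `/etc/default/isuma-autossh`, while the manifest added in this same patch writes `DAEMON_OPTS` to `/etc/default/autossh`, so on a host managed by this class autossh would be launched with no tunnel arguments. Script and manifest should agree on one file and one variable, e.g. `. /etc/default/autossh` and `-- $DAEMON_OPTS`. The `status)` branch also checks `/usr/sbin/autossh` although the daemon is started from `/usr/bin/autossh`, so `status_of_proc` is given a path the script never runs.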
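Review bot: The `content =>` string in `manifests/autossh.pp` (patch 1/9) becomes a file that the init script sources as root, and `$host`, `$port` and `$remote_user` are interpolated into it unchecked, so a value containing a single quote or a newline closes the `DAEMON_OPTS='…'` string and whatever follows is evaluated as shell. Reject such values before the file resource, for instance with stdlib's `validate_re($host, '^[A-Za-z0-9.-]+$')` if that module is available, plus a numeric check on `$port`. Later patches in this series add `USER=$user` and `PIDFILE=$pidfile` to the same string with no quoting at all and need the same treatment. The string also uses `$user_ensure`, which the class never assigns (it assigns `$remote_user_ensure`), so the login name expands to nothing.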
diff --git a/files/autossh.init.d b/files/autossh.init.d
index fb3c57f..254fcdc 100644
--- a/files/autossh.init.d
+++ b/files/autossh.init.d
@@ -6,13 +6,15 @@
 # Required-Stop: $remote_fs $syslog
 # Default-Start: 2 3 4 5
 # Default-Stop:
-# Short-Description: Autossh for isuma
+# Short-Description: AutoSSH daemon
 ### END INIT INFO
 
 set -e
 
 umask 022
 
+PIDFILE=/var/run/autossh.pid
+
 if test -f /etc/default/isuma-autossh; then
 . /etc/default/isuma-autossh
 fi
@@ -23,16 +25,16 @@ export PATH=/sbin:/bin:/usr/sbin:/usr/bin
 
 case "$1" in
 start)
- log_daemon_msg "Starting Autossh for isuma" "autossh"
- if start-stop-daemon --quiet --start --background --pidfile /var/run/autossh-isuma.pid --make-pidfile --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
+ log_daemon_msg "Starting AutoSSH daemon" "autossh"
+ if start-stop-daemon --quiet --start --background --pidfile $PIDFILE --make-pidfile --exec /usr/bin/autossh -- $DAEMON_OPTS; then
 log_end_msg 0
 else
 log_end_msg 1
 fi
 ;;
 stop)
- log_daemon_msg "Stopping Autossh for isuma" "autossh"
- if start-stop-daemon --stop --quiet --pidfile /var/run/autossh-isuma.pid ; then
+ log_daemon_msg "Stopping AutoSSH daemon" "autossh"
+ if start-stop-daemon --stop --quiet --pidfile $PIDFILE ; then
 log_end_msg 0
 else
 log_end_msg 1
@@ -40,8 +42,8 @@ case "$1" in
 ;;
 
 reload|force-reload)
- log_daemon_msg "Reloading Autossh for isuma's configuration" "autossh"
- if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/autossh-isuma.pid; then
+ log_daemon_msg "Reloading AutoSSH daemon" "autossh"
+ if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile $PIDFILE; then
 log_end_msg 0
 else
 log_end_msg 1
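Review bot: The rename is only half applied in this file: `start` now passes `$DAEMON_OPTS`, but the `restart` and `try-restart` hunks that follow still pass `$AUTOSSH_ISUMA_OPTS`, and the first hunk keeps `. /etc/default/isuma-autossh` as context. A `restart` would therefore bring autossh up with different (most likely empty) arguments than a `start`. Use `-- $DAEMON_OPTS` in all three start commands and source `/etc/default/autossh`, the file the manifest writes; the remaining "Restarting Autossh for isuma" messages and the usage line can be renamed at the same time. Writing `--pidfile "$PIDFILE"` would also keep the new variable from being word-split.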
@@ -50,8 +52,8 @@ case "$1" in
 
 restart)
 log_daemon_msg "Restarting Autossh for isuma" "autossh"
- start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/autossh-isuma.pid
- if start-stop-daemon --start --quiet -b --make-pidfile --pidfile /var/run/autossh-isuma.pid --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
+ start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile $PIDFILE
+ if start-stop-daemon --start --quiet -b --make-pidfile --pidfile $PIDFILE --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
 log_end_msg 0
 else
 log_end_msg 1
@@ -61,13 +63,13 @@ case "$1" in
 try-restart)
 log_daemon_msg "Restarting Autossh for isuma" "autossh"
 set +e
- start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/autossh-isuma.pid
+ start-stop-daemon --stop --quiet --retry 30 --pidfile $PIDFILE
 RET="$?"
 set -e
 case $RET in
 0)
 # old daemon stopped
- if start-stop-daemon --start --quiet --oknodo -b --pidfile /var/run/autossh-isuma.pid --make-pidfile --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
+ if start-stop-daemon --start --quiet --oknodo -b --pidfile $PIDFILE --make-pidfile --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then
 log_end_msg 0
 else
 log_end_msg 1
@@ -87,7 +89,7 @@ case "$1" in
 ;;
 
 status)
- status_of_proc -p /var/run/autossh-isuma.pid /usr/sbin/autossh autossh && exit 0 || exit $?
+ status_of_proc -p $PIDFILE /usr/sbin/autossh autossh && exit 0 || exit $?
 ;;
 
 *)
diff --git a/manifests/autossh.pp b/manifests/autossh.pp
index 80d571b..e94d65b 100644
--- a/manifests/autossh.pp
+++ b/manifests/autossh.pp
@@ -23,12 +23,16 @@ class sshd::autossh($host,
 mode => '0444',
 content => "DAEMON_OPTS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $user_ensure@$host'\n";
 }
+ package { 'autossh':
+ ensure => present,
+ }
 service { 'autossh':
 ensure => running,
 enable => true,
 subscribe => [
- File['/etc/init.d/autossh'],
- File['/etc/default/autossh']
- ],
+ File['/etc/init.d/autossh'],
+ File['/etc/default/autossh'],
+ Package['autossh'],
+ ],
 }
 }
From 7a18ca3c8f12bcf1933ee72b5bcbc4ef0f1a4251 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 16:06:24 -0400
Subject: [PATCH 3/9] rewrite autossh startup script with dh_make template
---
 files/autossh.init.d | 217 ++++++++++++++++++++++++++++---------------
 manifests/autossh.pp | 2 +-
 2 files changed, 142 insertions(+), 77 deletions(-)
diff --git a/files/autossh.init.d b/files/autossh.init.d
index 254fcdc..191e425 100644
--- a/files/autossh.init.d
+++ b/files/autossh.init.d
@@ -1,100 +1,165 @@ -#! /bin/sh - +#!/bin/sh ### BEGIN INIT INFO -# Provides: autossh -# Required-Start: $remote_fs $syslog $network -# Required-Stop: $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: -# Short-Description: AutoSSH daemon +# Provides: autossh +# Required-Start: $local_fs $network $remote_fs $syslog +# Required-Stop: $local_fs $network $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: start the autossh daemon +# Description: start the autossh daemon ### END INIT INFO -set -e +# Author: Antoine Beaupré -umask 022 +# Do NOT "set -e" -PIDFILE=/var/run/autossh.pid +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="autossh" +NAME=autossh +USER=$NAME +DAEMON=/usr/bin/autossh +DAEMON_ARGS="" +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME -if test -f /etc/default/isuma-autossh; then - . /etc/default/isuma-autossh -fi +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. . 
/lib/lsb/init-functions -export PATH=/sbin:/bin:/usr/sbin:/usr/bin +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --user $USER --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --user $USER --chuid $USER --pidfile $PIDFILE --exec $DAEMON -- \ + $DAEMON_ARGS \ + || return 2 + # The above code will not work for interpreted scripts, use the next + # six lines below instead (Ref: #643337, start-stop-daemon(8) ) + #start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \ + # --name $NAME --test > /dev/null \ + # || return 1 + #start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \ + # --name $NAME -- $DAEMON_ARGS \ + # || return 2 + + # Add code here, if necessary, that waits for the process to be ready + # to handle requests from services started subsequently which depend + # on this one. As a last resort, sleep for some time. +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --user $USER --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --user $USER --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. 
+ rm -f $PIDFILE + return "$RETVAL" +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + # + # If the daemon can reload its configuration without + # restarting (for example, when it is sent a SIGHUP), + # then implement that here. + # + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME + return 0 +} case "$1" in start) - log_daemon_msg "Starting AutoSSH daemon" "autossh" - if start-stop-daemon --quiet --start --background --pidfile $PIDFILE --make-pidfile --exec /usr/bin/autossh -- $DAEMON_OPTS; then - log_end_msg 0 - else - log_end_msg 1 - fi + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac ;; stop) - log_daemon_msg "Stopping AutoSSH daemon" "autossh" - if start-stop-daemon --stop --quiet --pidfile $PIDFILE ; then - log_end_msg 0 - else - log_end_msg 1 - fi + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac ;; - - reload|force-reload) - log_daemon_msg "Reloading AutoSSH daemon" "autossh" - if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile $PIDFILE; then - log_end_msg 0 - else - log_end_msg 1 - fi + status) + status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $? ;; - - restart) - log_daemon_msg "Restarting Autossh for isuma" "autossh" - start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile $PIDFILE - if start-stop-daemon --start --quiet -b --make-pidfile --pidfile $PIDFILE --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then - log_end_msg 0 - else - log_end_msg 1 - fi - ;; - - try-restart) - log_daemon_msg "Restarting Autossh for isuma" "autossh" - set +e - start-stop-daemon --stop --quiet --retry 30 --pidfile $PIDFILE - RET="$?" 
- set -e - case $RET in - 0) - # old daemon stopped - if start-stop-daemon --start --quiet --oknodo -b --pidfile $PIDFILE --make-pidfile --exec /usr/bin/autossh -- $AUTOSSH_ISUMA_OPTS; then - log_end_msg 0 - else - log_end_msg 1 - fi + #reload|force-reload) + # + # If do_reload() is not implemented then leave this commented out + # and leave 'force-reload' as an alias for 'restart'. + # + #log_daemon_msg "Reloading $DESC" "$NAME" + #do_reload + #log_end_msg $? + #;; + restart|force-reload) + # + # If the "reload" option is implemented then remove the + # 'force-reload' alias + # + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac ;; - 1) - # daemon not running - log_progress_msg "(not running)" - log_end_msg 0 - ;; - *) - # failed to stop - log_progress_msg "(failed to stop)" + *) + # Failed to stop log_end_msg 1 ;; esac ;; - - status) - status_of_proc -p $PIDFILE /usr/sbin/autossh autossh && exit 0 || exit $? - ;; - *) - log_action_msg "Usage: /etc/init.d/isuma-autossh {start|stop|reload|force-reload|restart|try-restart|status}" - exit 1 + #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 + exit 3 + ;; esac -exit 0 +: diff --git a/manifests/autossh.pp b/manifests/autossh.pp index e94d65b..590f28b 100644 --- a/manifests/autossh.pp +++ b/manifests/autossh.pp 
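Review bot: In the new `do_stop` (files/autossh.init.d, patch 3/9), the second call `start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --user $USER --exec $DAEMON` is not bound to `$PIDFILE`, so it signals every autossh process owned by `$USER`, including tunnels this script did not start. The template comment above it says the step is for daemons that are only ever run from the initscript, which is not a safe assumption for autossh; drop the call or add `--pidfile "$PIDFILE"`. `rm -f $PIDFILE` runs as root on a value that `/etc/default/$NAME` may override and should be quoted, `rm -f -- "$PIDFILE"`. `do_start` also no longer passes `--background` or `--make-pidfile`, so as written nothing appears to create the pidfile that `do_stop` and `status` read.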
@@ -21,7 +21,7 @@ class sshd::autossh($host,
 source => 'puppet:///modules/sshd/autossh.init.d';
 '/etc/default/autossh':
 mode => '0444',
- content => "DAEMON_OPTS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $user_ensure@$host'\n";
+ content => "DAEMON_ARGS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
 }
 package { 'autossh':
 ensure => present,
From da1be21ebb354304b2844c6ffe3251d3df1a8597 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 16:12:35 -0400
Subject: [PATCH 4/9] try to avoid conflicting with the isuma-local-servers package
---
 files/autossh.init.d | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/files/autossh.init.d b/files/autossh.init.d
index 191e425..fdb2c16 100644
--- a/files/autossh.init.d
+++ b/files/autossh.init.d
@@ -1,6 +1,6 @@
 #!/bin/sh
 ### BEGIN INIT INFO
-# Provides: autossh
+# Provides: AutoSSH
 # Required-Start: $local_fs $network $remote_fs $syslog
 # Required-Stop: $local_fs $network $remote_fs $syslog
 # Default-Start: 2 3 4 5
From cb9bceb04e35314c461a7cd1f9dff3561c5cd135 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 16:07:18 -0400
Subject: [PATCH 5/9] allow customizing user
---
 manifests/autossh.pp | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/manifests/autossh.pp b/manifests/autossh.pp
index 590f28b..fadc575 100644
--- a/manifests/autossh.pp
+++ b/manifests/autossh.pp
@@ -1,6 +1,7 @@
 class sshd::autossh($host,
- $port = undef, # this should be a remote->local hash
- $remote_user = undef,
+ $port = undef, # this should be a remote->local hash
+ $remote_user = undef,
+ $user = 'root',
 ) {
 if $port {
 $port_ensure = $port
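Review bot: The new `$user` parameter defaults to `'root'`, so the permanent outbound SSH session and its reverse forward run with full privileges even though the init script's own default is `USER=$NAME`. Connecting out and forwarding to `localhost:22` needs no local privilege, so a dedicated unprivileged account is the safer default; the class could manage it with `user { $user: ensure => present, system => true }` and install that account's key. If root really is required on some hosts, say so in a comment next to the parameter.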
@@ -21,7 +22,7 @@ class sshd::autossh($host,
 source => 'puppet:///modules/sshd/autossh.init.d';
 '/etc/default/autossh':
 mode => '0444',
- content => "DAEMON_ARGS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
+ content => "USER=$user\nDAEMON_ARGS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
 }
 package { 'autossh':
 ensure => present,
From f794a976ca60d2dece62f778e56d1f7c0427dcc1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 16:21:49 -0400
Subject: [PATCH 6/9] properly implement daemon
---
 files/autossh.init.d | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/files/autossh.init.d b/files/autossh.init.d
index fdb2c16..95670d3 100644
--- a/files/autossh.init.d
+++ b/files/autossh.init.d
@@ -46,9 +46,9 @@ do_start()
 # 0 if daemon has been started
 # 1 if daemon was already running
 # 2 if daemon could not be started
- start-stop-daemon --start --quiet --user $USER --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ start-stop-daemon --start --quiet --background --user $USER --pidfile $PIDFILE --makepidfile --exec $DAEMON --test > /dev/null \
 || return 1
- start-stop-daemon --start --quiet --user $USER --chuid $USER --pidfile $PIDFILE --exec $DAEMON -- \
+ start-stop-daemon --start --quiet --background --user $USER --chuid $USER --pidfile $PIDFILE --makepidfile --exec $DAEMON -- \
 $DAEMON_ARGS \
 || return 2
 # The above code will not work for interpreted scripts, use the next
From 50685a8bc739d28ab1df830c707d1091a94c08bb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 16:22:08 -0400
Subject: [PATCH 7/9] implement autossh reload

not sure what this was for, but it was in the original implementation
---
 files/autossh.init.d | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)
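Review bot: `--makepidfile` in both `start-stop-daemon` commands of the `do_start` hunk (patch 6/9) is not an option name that start-stop-daemon knows; the option is `--make-pidfile` (short `-m`), as the first patch of this series spelled it. The `--test` probe should therefore fail on option parsing, `do_start` returns 1, and the `start)` branch maps 1 to `log_end_msg 0`, so a start that launched nothing is reported as success. Use `--make-pidfile` on the second command only; the `--test` line never launches a process and needs neither it nor `--background`. `do_start` begins and ends outside this hunk.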
diff --git a/files/autossh.init.d b/files/autossh.init.d
index 95670d3..bb1119e 100644
--- a/files/autossh.init.d
+++ b/files/autossh.init.d
@@ -124,16 +124,12 @@ case "$1" in
 status)
 status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $?
 ;;
- #reload|force-reload)
- #
- # If do_reload() is not implemented then leave this commented out
- # and leave 'force-reload' as an alias for 'restart'.
- #
- #log_daemon_msg "Reloading $DESC" "$NAME"
- #do_reload
- #log_end_msg $?
- #;;
- restart|force-reload)
+ reload|force-reload)
+ log_daemon_msg "Reloading $DESC" "$NAME"
+ do_reload
+ log_end_msg $?
+ ;;
+ restart)
 #
 # If the "reload" option is implemented then remove the
 # 'force-reload' alias
From 7b99c89edf698d295dc21aba97800166c7961cf9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 16:43:17 -0400
Subject: [PATCH 8/9] make autossh fork properly
---
 files/autossh.init.d | 9 ++++++---
 manifests/autossh.pp | 9 +++++----
 2 files changed, 11 insertions(+), 7 deletions(-)
diff --git a/files/autossh.init.d b/files/autossh.init.d
index bb1119e..92bd5f4 100644
--- a/files/autossh.init.d
+++ b/files/autossh.init.d
@@ -19,13 +19,16 @@ DESC="autossh"
 NAME=autossh
 USER=$NAME
 DAEMON=/usr/bin/autossh
-DAEMON_ARGS=""
+DAEMON_ARGS="-f"
 PIDFILE=/var/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
 
 # Read configuration variable file if it is present
 [ -r /etc/default/$NAME ] && . /etc/default/$NAME
 
+AUTOSSH_PIDFILE=$PIDFILE
+export AUTOSSH_PIDFILE
+
 # Exit if the package is not installed
 [ -x "$DAEMON" ] || exit 0
 
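Review bot: `log_end_msg $?` in the new `reload|force-reload)` branch (patch 7/9) can never report a failure, because `do_reload` (defined outside this hunk) ignores the status of `start-stop-daemon --stop --signal 1` and ends with `return 0`. Let `do_reload` return that status instead, e.g. `start-stop-daemon --stop --signal 1 --quiet --pidfile "$PIDFILE" --name $NAME || return 2`, so a missing or stale pidfile shows up as a failed reload. The context comment `# If the "reload" option is implemented then remove the 'force-reload' alias` is stale after this change, and the usage string at the end of the script still omits `reload`. Since the commit message says the purpose of the signal is unknown, a comment stating what autossh does on SIGHUP belongs here once that is confirmed against autossh(1).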
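Review bot: Exporting `AUTOSSH_PIDFILE=$PIDFILE` (patch 8/9) makes autossh write the pidfile itself, which happens after `--chuid $USER`, so with the script's default `USER=$NAME` the process presumably cannot create `/var/run/$NAME.pid` and `do_stop` and `status` would find nothing. Create a directory owned by that user before starting (for example `/var/run/$NAME/`) and point `PIDFILE` there, or document that the path must be writable by `$USER`. Once the pidfile is writable by an unprivileged account its content is no longer trustworthy to root, so the `--user $USER --name $NAME` filters on the stop command in `do_stop` should stay.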
@@ -46,9 +49,9 @@ do_start()
 # 0 if daemon has been started
 # 1 if daemon was already running
 # 2 if daemon could not be started
- start-stop-daemon --start --quiet --background --user $USER --pidfile $PIDFILE --makepidfile --exec $DAEMON --test > /dev/null \
+ start-stop-daemon --start --quiet --user $USER --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
 || return 1
- start-stop-daemon --start --quiet --background --user $USER --chuid $USER --pidfile $PIDFILE --makepidfile --exec $DAEMON -- \
+ start-stop-daemon --start --quiet --user $USER --chuid $USER --pidfile $PIDFILE --exec $DAEMON -- \
 $DAEMON_ARGS \
 || return 2
 # The above code will not work for interpreted scripts, use the next
diff --git a/manifests/autossh.pp b/manifests/autossh.pp
index fadc575..1ded7eb 100644
--- a/manifests/autossh.pp
+++ b/manifests/autossh.pp
@@ -1,7 +1,8 @@
 class sshd::autossh($host,
- $port = undef, # this should be a remote->local hash
- $remote_user = undef,
- $user = 'root',
+ $port = undef, # this should be a remote->local hash
+ $remote_user = undef,
+ $user = 'root',
+ $pidfile = '/var/run/autossh.pid',
 ) {
 if $port {
 $port_ensure = $port
@@ -22,7 +23,7 @@ class sshd::autossh($host,
 source => 'puppet:///modules/sshd/autossh.init.d';
 '/etc/default/autossh':
 mode => '0444',
- content => "USER=$user\nDAEMON_ARGS='-o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
+ content => "USER=$user\nPIDFILE=$pidfile\nDAEMON_ARGS='-f -o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
 }
 package { 'autossh':
 ensure => present,
From 6ea0beb114cdb836cfe9b3ef67504f3641c518ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?=
Date: Thu, 18 Jun 2015 17:01:01 -0400
Subject: [PATCH 9/9] disable autossh control port

this is important to make it easier to guess the ssh port from the central server. we rely on ServerAliveInterval instead to reconnect when we lose the server. this was unintentionally removed in november 2012 in the isuma-autossh package, saying it was "not supported everywhere" and due to some confusion about the defaults (defaults are to *enable* the port). see commit ec0ebdd9533a29ee4f62f9fbb84ee9e80219ef84 in there.
---
 manifests/autossh.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/manifests/autossh.pp b/manifests/autossh.pp
index 1ded7eb..5650584 100644
--- a/manifests/autossh.pp
+++ b/manifests/autossh.pp
@@ -23,7 +23,7 @@ class sshd::autossh($host,
 source => 'puppet:///modules/sshd/autossh.init.d';
 '/etc/default/autossh':
 mode => '0444',
- content => "USER=$user\nPIDFILE=$pidfile\nDAEMON_ARGS='-f -o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
+ content => "USER=$user\nPIDFILE=$pidfile\nDAEMON_ARGS='-M0 -f -o ServerAliveInterval=15 -o ServerAliveCountMax=4 -q -N -R $port_ensure:localhost:22 $remote_user_ensure@$host'\n";
 }
 package { 'autossh':
 ensure => present,
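Review bot: With `-M0`, autossh restarts ssh only when ssh exits, so `DAEMON_ARGS` should also carry `-o ExitOnForwardFailure=yes`. Without it, a session whose `-R $port_ensure:localhost:22` bind was refused by the server (the port is still held by a stale session, or another host drew the same `fqdn_rand` value earlier in this class) stays connected with no tunnel and is never retried; `ServerAliveInterval` detects a dead connection, not a missing forward. Because a port collision makes the central server reach a different machine than intended, it should verify each host's SSH host key per port rather than accept whatever answers.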