diff options
| author | Lennart Poettering <lennart@poettering.net> | 2024-03-01 11:25:52 +0100 |
|---|---|---|
| committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2024-04-03 18:01:10 +0200 |
| commit | 5360b10f29d72b6424cbaab7cb5d65cf95fcc828 (patch) | |
| tree | e3a5976cc62d67d5f05ab4fd448fa3691430209d /tmpfiles.d | |
| parent | Merge pull request #32065 from bluca/dlopen_debug (diff) | |
| download | systemd-5360b10f29d72b6424cbaab7cb5d65cf95fcc828.tar.xz systemd-5360b10f29d72b6424cbaab7cb5d65cf95fcc828.zip | |
ssh-generator: create privsep dir via tmpfiles.d/ if we are told to
To make it easy to have a workable ssh-generator on various distros,
let's optionally generate the ssh privsep dir via tmpfiles.d/ drop-in.
This enables the concept with a path of /run/sshd/ as default. This is
the path Debian/Ubuntu uses, and means that we just work on those
distros. Debian/Ubuntu is the only distro (apparently?) that puts the
privsep dir under /run/, hence always needs the dir to be created
manually. Other distros don't need it that much, because they place the
dir in /usr/ (fedora, best choice!) or /var/ (others, not ideal, because
still mutable).
Also adds a longer explanation about this in NEWS, in the hope that
distro maintaines read that and maybe start cleaning this up.
Alternative to: #31543
Diffstat (limited to 'tmpfiles.d')
| -rw-r--r-- | tmpfiles.d/20-systemd-ssh-generator.conf.in | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/tmpfiles.d/20-systemd-ssh-generator.conf.in b/tmpfiles.d/20-systemd-ssh-generator.conf.in index 033379ec7a..6d1a6a3e31 100644 --- a/tmpfiles.d/20-systemd-ssh-generator.conf.in +++ b/tmpfiles.d/20-systemd-ssh-generator.conf.in @@ -8,3 +8,6 @@ # See tmpfiles.d(5) for details L {{SSHCONFDIR}}/20-systemd-ssh-proxy.conf - - - - {{LIBEXECDIR}}/ssh_config.d/20-systemd-ssh-proxy.conf +{% if CREATE_SSHDPRIVSEPDIR %} +d {{SSHDPRIVSEPDIR}} 0755 +{% endif %} |