Merge pull request #244 from himmelblau-idm/stable-0.6.x_rm_sshd_config

Move sshd config into it's own debian package
himmelblau-idm · Oct 14, 2024 · 561c6d1 · 561c6d1
2 parents 5069708 + 42fc2ad
commit 561c6d1
Show file tree

Hide file tree

Showing 9 changed files with 25 additions and 19 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -12,11 +12,12 @@ members = [
 	"src/users",
 	"src/idmap",
 	"src/file_permissions",
+	"src/sshd-config",
 ]
 resolver = "2"
 
 [workspace.package]
-version = "0.6.10"
+version = "0.6.11"
 authors = [
     "David Mulder <[email protected]>"
 ]
@@ -76,7 +77,7 @@ tracing-forest = "^0.1.6"
 rusqlite = "^0.32.0"
 hashbrown = { version = "0.14.0", features = ["serde", "inline-more", "ahash"] }
 lru = "^0.12.3"
-kanidm_lib_crypto = { path = "./src/crypto", version = "0.6.10" }
+kanidm_lib_crypto = { path = "./src/crypto", version = "0.6.11" }
 kanidm_utils_users = { path = "./src/users" }
 walkdir = "2"
 csv = "1.2.2"

diff --git a/images/ubuntu/Dockerfile.22.04 b/images/ubuntu/Dockerfile.22.04
@@ -48,4 +48,4 @@ WORKDIR /himmelblau
 RUN cargo install cargo-deb
 
 # Build the project and create the .deb package
-CMD cargo deb --deb-revision=ubuntu22.04 -p himmelblaud && cargo deb --deb-revision=ubuntu22.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p pam_himmelblau
+CMD cargo deb --deb-revision=ubuntu22.04 -p himmelblaud && cargo deb --deb-revision=ubuntu22.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p pam_himmelblau && cargo deb --deb-revision=ubuntu22.04 -p sshd-config
diff --git a/images/ubuntu/Dockerfile.24.04 b/images/ubuntu/Dockerfile.24.04
@@ -48,4 +48,4 @@ WORKDIR /himmelblau
 RUN cargo install cargo-deb
 
 # Build the project and create the .deb package
-CMD cargo deb --deb-revision=ubuntu24.04 -p himmelblaud && cargo deb --deb-revision=ubuntu24.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p pam_himmelblau
+CMD cargo deb --deb-revision=ubuntu24.04 -p himmelblaud && cargo deb --deb-revision=ubuntu24.04 -p nss_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p pam_himmelblau && cargo deb --deb-revision=ubuntu24.04 -p sshd-config
diff --git a/platform/debian/scripts/postinst b/platform/debian/scripts/postinst
@@ -26,11 +26,3 @@ if [[ -f /etc/apparmor.d/unix-chkpwd ]]; then
 	# Reload the AppArmor profile to apply the changes
 	sudo apparmor_parser -r /etc/apparmor.d/unix-chkpwd
 fi
-
-# Only set the sshd config if the ssh server is already installed
-SSHD_CONFIG_DIR="/etc/ssh/sshd_config.d"
-SSHD_CONFIG_FILE="${SSHD_CONFIG_DIR}/himmelblau.conf"
-if [ -d "$SSHD_CONFIG_DIR" ]; then
-    echo "KbdInteractiveAuthentication yes" > "$SSHD_CONFIG_FILE"
-    echo "Please restart the ssh daemon to ensure MFA works properly!"
-fi
diff --git a/platform/debian/scripts/postrm b/platform/debian/scripts/postrm
@@ -26,9 +26,3 @@ if [[ -f /etc/apparmor.d/unix-chkpwd ]]; then
 	# Reload the AppArmor profile to apply the changes
 	sudo apparmor_parser -r /etc/apparmor.d/unix-chkpwd
 fi
-
-# Remove the sshd config file if it was created during install
-SSHD_CONFIG_FILE="/etc/ssh/sshd_config.d/himmelblau.conf"
-if [ -f "$SSHD_CONFIG_FILE" ]; then
-    rm "$SSHD_CONFIG_FILE"
-fi
diff --git a/platform/debian/sshd_config b/platform/debian/sshd_config
@@ -0,0 +1 @@
+KbdInteractiveAuthentication yes
diff --git a/src/pam/Cargo.toml b/src/pam/Cargo.toml
@@ -33,4 +33,3 @@ assets = [
   ["../../platform/debian/apparmor.unix-chkpwd.local", "etc/apparmor.d/local/unix-chkpwd", "644"],
 ]
 maintainer-scripts = "../../platform/debian/scripts"
-recommends = ["openssh-server"]
diff --git a/src/sshd-config/Cargo.toml b/src/sshd-config/Cargo.toml
@@ -0,0 +1,19 @@
+[package]
+name = "sshd-config"
+version.workspace = true
+authors.workspace = true
+rust-version.workspace = true
+edition.workspace = true
+license.workspace = true
+homepage.workspace = true
+repository.workspace = true
+
+[lib]
+path = "src/lib.rs"
+
+[package.metadata.deb]
+name = "himmelblau-sshd-config"
+depends = ["openssh-server"]
+assets = [
+  ["../../platform/debian/sshd_config", "etc/ssh/sshd_config.d/himmelblau.conf", "644"],
+]
diff --git a/src/sshd-config/src/lib.rs b/src/sshd-config/src/lib.rs