From cfc05e2e8fbbf36ae22544299257318f65162b27 Mon Sep 17 00:00:00 2001 From: Liam Hopkins Date: Wed, 14 Apr 2021 15:44:12 -0700 Subject: [PATCH] start sshd (#106) --- google_guest_agent/non_windows_accounts.go | 9 ++++ google_guest_agent/oslogin.go | 53 ++++++++++++---------- 2 files changed, 37 insertions(+), 25 deletions(-) diff --git a/google_guest_agent/non_windows_accounts.go b/google_guest_agent/non_windows_accounts.go index 04f87341..de21f72d 100644 --- a/google_guest_agent/non_windows_accounts.go +++ b/google_guest_agent/non_windows_accounts.go @@ -178,6 +178,15 @@ func (a *accountsMgr) set() error { if err := writeGoogleUsersFile(); err != nil { logger.Errorf("Error writing google_users file: %v.", err) } + + // Start SSHD if not started. We do this in agent instead of adding a + // Wants= directive, and here instead of instance setup, so that this + // can be disabled by the instance configs file. + for _, svc := range []string{"ssh", "sshd"} { + // Ignore output, it's just a best effort. + startService(svc, false) + } + return nil } diff --git a/google_guest_agent/oslogin.go b/google_guest_agent/oslogin.go index 18f09817..e6941ae9 100644 --- a/google_guest_agent/oslogin.go +++ b/google_guest_agent/oslogin.go @@ -103,12 +103,22 @@ func (o *osloginMgr) set() error { logger.Errorf("Error updating group.conf: %v.", err) } - for _, svc := range []string{"ssh", "sshd", "nscd", "unscd", "systemd-logind", "cron", "crond"} { + for _, svc := range []string{"nscd", "unscd", "systemd-logind", "cron", "crond"} { if err := restartService(svc); err != nil { logger.Errorf("Error restarting service: %v.", err) } } + // SSH should be explicitly started if not running. + for _, svc := range []string{"ssh", "sshd"} { + if err := startService(svc, true); err != nil { + logger.Errorf("Error restarting service: %v.", err) + } else { + // Stop on first matching, to avoid double restarting. + break + } + } + if enable { if err := createOSLoginDirs(); err != nil { logger.Errorf("Error creating OS Login directory: %v.", err) @@ -340,35 +350,28 @@ func createOSLoginSudoersFile() error { return sudoFile.Close() } -// restartService tries to restart a service on linux-like systems. It attempts -// to find and use the following mechanisms in order: -// 1. The `systemctl` utility, if in a systemd environment. -// 2. The `service` command, if present. -// 3. A SysVinit script directly, if present. -// Missing mechanisms and missing or disabled services are ignored. +// restartService tries to restart a systemd service if it is already running. func restartService(servicename string) error { - init, err := os.Readlink("/sbin/init") - if err == nil && strings.Contains(init, "systemd") { - if systemctl, err := exec.LookPath("systemctl"); err == nil { - if err := runCmd(exec.Command(systemctl, "is-active", servicename+".service")); err == nil { - return runCmd(exec.Command(systemctl, "restart", servicename+".service")) - } - return nil + if systemctl, err := exec.LookPath("systemctl"); err == nil { + if err := runCmd(exec.Command(systemctl, "is-active", servicename+".service")); err == nil { + return runCmd(exec.Command(systemctl, "restart", servicename+".service")) } } - service, err := exec.LookPath("service") - if err == nil { - if err := runCmd(exec.Command(service, servicename, "status")); err == nil { - return runCmd(exec.Command(service, servicename, "restart")) + + return nil +} + +// startService tries to start a systemd service. If the service is already +// running and restart is true, the service is restarted. +func startService(servicename string, restart bool) error { + if systemctl, err := exec.LookPath("systemctl"); err == nil { + started := nil == runCmd(exec.Command(systemctl, "is-active", servicename+".service")) + if !started { + return runCmd(exec.Command(systemctl, "start", servicename+".service")) } - return nil - } - initService := "/etc/init.d/" + servicename - if _, err := os.Stat(initService); err == nil { - if err := runCmd(exec.Command(initService, "status")); err == nil { - return runCmd(exec.Command(initService, "restart")) + if started && restart { + return runCmd(exec.Command(systemctl, "restart", servicename+".service")) } - return nil } return nil