diff --git a/usr/lib/systemd/system/console-login-helper-messages-issuegen.path b/usr/lib/systemd/system/console-login-helper-messages-issuegen.path new file mode 100644 index 0000000..815ef43 --- /dev/null +++ b/usr/lib/systemd/system/console-login-helper-messages-issuegen.path @@ -0,0 +1,9 @@ +[Unit] +Description=Monitor console-login-helper-messages runtime issue snippets directory for changes + +[Path] +PathChanged=/run/console-login-helper-messages/issue.d +Unit=console-login-helper-messages-issuegen.service + +[Install] +WantedBy=multi-user.target diff --git a/usr/lib/systemd/system/console-login-helper-messages-issuegen.service b/usr/lib/systemd/system/console-login-helper-messages-issuegen.service index d2ec5cf..15f65bd 100644 --- a/usr/lib/systemd/system/console-login-helper-messages-issuegen.service +++ b/usr/lib/systemd/system/console-login-helper-messages-issuegen.service @@ -1,12 +1,32 @@ [Unit] -Description=Generate /run/issue.d/console-login-helper-messages.issue +Description=Generate console-login-helper-messages issue snippet Before=systemd-user-sessions.service Wants=network-online.target After=network-online.target sshd-keygen.target +# The issue file generated by `issuegen` shown at the serial console should be +# kept up to date, no matter the number of successive start requests within a +# given time interval. However, it is unlikely that the configured defaults on +# a system for start request rate limiting of this unit (through +# StartLimitIntervalSec= and StartLimitBurst=) would be exceeded. For example, +# typical scenarios causing this service to be started would be through the +# udev rule `90-console-login-helper-messages-if_snippets_gen`, which are +# likely to involve low numbers of start requests (one for every time a network +# device is connected or disconnected). This unit therefore does not set any +# rate-limiting parameters. However, if this unit is often failing with +# `start-limit-hit`, try disabling rate limiting for this unit by uncommenting +# the following: +#StartLimitIntervalSec=0 + [Service] Type=oneshot -RemainAfterExit=yes +# This service expects to be started repeatedly after exiting (whenever a new +# runtime issue snippet is dropped into the directory watched by +# `console-login-helper-messages-issuegen.path`). `RemainAfterExit` is thus +# explicitly set to `no`, so that the service can re-execute (otherwise, +# `start` on this service after it has exited once before does not have any +# effect). +RemainAfterExit=no ExecStart=/usr/libexec/console-login-helper-messages/issuegen [Install] diff --git a/usr/lib/udev/rules.d/90-console-login-helper-messages-if_snippets_gen.rules b/usr/lib/udev/rules.d/90-console-login-helper-messages-if_snippets_gen.rules new file mode 100644 index 0000000..d6185e9 --- /dev/null +++ b/usr/lib/udev/rules.d/90-console-login-helper-messages-if_snippets_gen.rules @@ -0,0 +1,2 @@ +ACTION=="add", SUBSYSTEM=="net", ENV{INTERFACE}=="e*", RUN+="/usr/libexec/console-login-helper-messages/if_snippets_gen add $env{INTERFACE}" +ACTION=="remove", SUBSYSTEM=="net", ENV{INTERFACE}=="e*", RUN+="/usr/libexec/console-login-helper-messages/if_snippets_gen remove $env{INTERFACE}" diff --git a/usr/lib/udev/rules.d/90-console-login-helper-messages-issuegen.rules b/usr/lib/udev/rules.d/90-console-login-helper-messages-issuegen.rules deleted file mode 100644 index 59134df..0000000 --- a/usr/lib/udev/rules.d/90-console-login-helper-messages-issuegen.rules +++ /dev/null @@ -1,2 +0,0 @@ -ACTION=="add", SUBSYSTEM=="net", ENV{INTERFACE}=="e*", RUN+="/usr/libexec/console-login-helper-messages/issuegen add $env{INTERFACE}" -ACTION=="remove", SUBSYSTEM=="net", ENV{INTERFACE}=="e*", RUN+="/usr/libexec/console-login-helper-messages/issuegen remove $env{INTERFACE}" diff --git a/usr/libexec/console-login-helper-messages/if_snippets_gen b/usr/libexec/console-login-helper-messages/if_snippets_gen new file mode 100755 index 0000000..bffd919 --- /dev/null +++ b/usr/libexec/console-login-helper-messages/if_snippets_gen @@ -0,0 +1,17 @@ +#!/bin/bash + +# Generate snippets for network devices, invoked by a udev rule. + +set -e + +. "$(dirname ${0})/issue_defs" + +# Add/remove data from udev rules. +case "$1" in + add) + echo "${2}: \\4{${2}} \\6{${2}}" > "${RUN_SNIPPETS}/22_${2}" + ;; + remove) + rm -f "${RUN_SNIPPETS}/22_${2}" + ;; +esac diff --git a/usr/libexec/console-login-helper-messages/issue_defs b/usr/libexec/console-login-helper-messages/issue_defs new file mode 100755 index 0000000..38c718d --- /dev/null +++ b/usr/libexec/console-login-helper-messages/issue_defs @@ -0,0 +1,12 @@ +#!/bin/bash + +PKG_NAME=console-login-helper-messages +ISSUE_SNIPPETS_PATH=${PKG_NAME}/issue.d +ETC_SNIPPETS="/etc/${ISSUE_SNIPPETS_PATH}" +RUN_SNIPPETS="/run/${ISSUE_SNIPPETS_PATH}" +USR_LIB_SNIPPETS="/usr/lib/${ISSUE_SNIPPETS_PATH}" + + +# Make sure the `${RUN_SNIPPETS}` directory is created upfront, +# as it may be written to by callers of this script. +mkdir -p "${RUN_SNIPPETS}" diff --git a/usr/libexec/console-login-helper-messages/issuegen b/usr/libexec/console-login-helper-messages/issuegen index 2bceb11..0be73c9 100755 --- a/usr/libexec/console-login-helper-messages/issuegen +++ b/usr/libexec/console-login-helper-messages/issuegen @@ -1,7 +1,7 @@ #!/bin/bash -# Get updated system information, including SSH keys and network devices, -# and generate an issue to display before login. +# Get updated system information, including SSH keys, and generate an +# issue to display before login. # Copyright (c) 2019 Fedora CoreOS Authors. All rights reserved. # Copyright (c) 2013 The CoreOS Authors. All rights reserved. @@ -13,15 +13,7 @@ set -e -PKG_NAME=console-login-helper-messages -ISSUE_SNIPPETS_PATH=${PKG_NAME}/issue.d -ETC_SNIPPETS="/etc/${ISSUE_SNIPPETS_PATH}" -RUN_SNIPPETS="/run/${ISSUE_SNIPPETS_PATH}" -USR_LIB_SNIPPETS="/usr/lib/${ISSUE_SNIPPETS_PATH}" - -# Parts of this script write to the `${RUN_SNIPPETS}` directory, -# make sure it is created upfront. -mkdir -p "${RUN_SNIPPETS}" +. "$(dirname ${0})/issue_defs" # Provide key fingerprints via issue. @@ -33,17 +25,6 @@ for KEY_FILE in $(find "${SSH_DIR}" -name 'ssh_host_*_key') ; do done | awk '{print "SSH host key: " $2 " " $4}' > "${RUN_SNIPPETS}/21_ssh_host_keys.issue" -# Add/remove data from udev rules. -case "$1" in - add) - echo "${2}: \\4{${2}} \\6{${2}}" > "${RUN_SNIPPETS}/22_${2}.issue" - ;; - remove) - rm -f "${RUN_SNIPPETS}/22_${2}.issue" - ;; -esac - - # Generate a final issue message from compiling the snippets. # Pick 40 as a prefix as other files can order around it easily. generated="/run/${PKG_NAME}/40_${PKG_NAME}.issue"