View previous topic :: View next topic |
Author |
Message |
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Thu Apr 05, 2018 4:54 am Post subject: Any way to make opensshd respect login.defs? |
|
|
I have a server that I'm frequently forgetting to update the default boot kernel on (using UEFI BootOnce to test new ones so it always falls back to the last "safe" kernel I manually installed, but it can be months old when that happens).
So I thought I'd be clever and set “MOTD_FILE /proc/version:/etc/motd” in login.defs, so that I can see at a glance if it's running what I expect. It seems sshd has hardcoded emulation for various bits of login.defs functionality making for some confusing debugging, but I eventually figured out it doesn't do this thing I want. I can run login(1) manually and see that it works there, but there's probably a good reason ssh doesn't run that itself. Is there any way to get the full login behaviour over ssh, or should I just give up and use bashrc for stuff like this? |
|
Back to top |
|
|
krinn Watchman
Joined: 02 May 2003 Posts: 7470
|
Posted: Thu Apr 05, 2018 1:38 pm Post subject: |
|
|
Code: | >echo "$(cat /proc/version)" > /etc/motd
>ssh beleg
Linux version 4.14.11 (root@beleg) (gcc version 5.4.0 (Gentoo 5.4.0-r3 p1.3, pie-0.6.5)) #2 SMP PREEMPT Wed Jan 10 15:11:16 CET 2018
|
Yes, that simple |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21558
|
Posted: Fri Apr 06, 2018 2:15 am Post subject: |
|
|
Useless Use of Cat and Useless Use of Echo. That could be done with cp, but none of this answers his question. |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Fri Apr 06, 2018 9:31 am Post subject: |
|
|
Actually krinn's right, the dumb solutions are usually the best. I'd like to keep the rest of /etc/motd intact though, which makes things a little more complicated. Nothing I can't fix with some dumb sed though... |
|
Back to top |
|
|
khayyam Watchman
Joined: 07 Jun 2012 Posts: 6227 Location: Room 101
|
Posted: Fri Apr 06, 2018 10:42 am Post subject: |
|
|
Hu wrote: | Useless Use of Cat and Useless Use of Echo. :) That could be done with cp, but none of this answers his question. |
Hu, et al ... wouldn't that be a useless use of cp ;) hehehe
Code: | # echo $SHELL
/bin/zsh
# </proc/version >/etc/motd |
@Ant .P ... MOTD_FILE (man login) can include multiple files (colon delimited), so you can simply have it point to /proc/version ... no useless use of anything ;)
best ... khay |
|
Back to top |
|
|
pjp Administrator
Joined: 16 Apr 2002 Posts: 20067
|
Posted: Fri Apr 06, 2018 4:24 pm Post subject: |
|
|
khayyam wrote: | Hu wrote: | Useless Use of Cat and Useless Use of Echo. That could be done with cp, but none of this answers his question. |
Hu, et al ... wouldn't that be a useless use of cp hehehe
Code: | # echo $SHELL
/bin/zsh
# </proc/version >/etc/motd |
@Ant .P ... MOTD_FILE (man login) can include multiple files (colon delimited), so you can simply have it point to /proc/version ... no useless use of anything
best ... khay | Aaaaand.... since you didn't read Ant P.'s post, I guess your post would be UUOR (useless use of response)
Ant P. mentions your "solution," which doesn't work, and the main reason behind the thread. Ant P. wrote: | So I thought I'd be clever and set “MOTD_FILE /proc/version:/etc/motd” in login.defs |
_________________ Quis separabit? Quo animo? |
|
Back to top |
|
|
khayyam Watchman
Joined: 07 Jun 2012 Posts: 6227 Location: Room 101
|
Posted: Fri Apr 06, 2018 9:27 pm Post subject: |
|
|
khayyam wrote: | @Ant .P ... MOTD_FILE (man login) can include multiple files (colon delimited), so you can simply have it point to /proc/version ... no useless use of anything ;) |
pjp wrote: | Aaaaand.... since you didn't read Ant P.'s post, I guess your post would be UUOR (useless use of response) :P Ant P. mentions your "solution," which doesn't work, and the main reason behind the thread. |
pjp ... actually no, I did read it, I simply forgot to include one part of the equation, he would need to enable 'PrintMotd yes' in /etc/sshd/sshd_config (which was not mentioned and is set to 'no' by default). I call your UUOR and raise you a UUOAC (useless use of a correction) ;)
best ... khay |
|
Back to top |
|
|
Ant P. Watchman
Joined: 18 Apr 2009 Posts: 6920
|
Posted: Fri Apr 06, 2018 10:11 pm Post subject: |
|
|
That's on by default for me...
man 5 sshd_config wrote: | PrintMotd
Specifies whether sshd(8) should print /etc/motd when a user logs
in interactively. (On some systems it is also printed by the
shell, /etc/profile, or equivalent.) The default is yes. |
I ended up putting an old-fashioned $Id:$ marker in /etc/motd, with a @reboot line in crontab which runs this ugly mess to fill it in:
Code: | perl -pi -e 's{^(.*\$Id:).*?(\$.*)$}{sprintf(q[%s %s %s],$1,chomp($_=`uname -r`)&&$_,$2)}e' /etc/motd |
That... more or less does what I originally wanted. (It's a lot more readable than the failed attempts I made with sed/ed, seriously!) |
|
Back to top |
|
|
khayyam Watchman
Joined: 07 Jun 2012 Posts: 6227 Location: Room 101
|
Posted: Fri Apr 06, 2018 11:01 pm Post subject: |
|
|
Ant P. wrote: | That's on by default for me...
man 5 sshd_config wrote: | PrintMotd
Specifies whether sshd(8) should print /etc/motd when a user logs
in interactively. (On some systems it is also printed by the
shell, /etc/profile, or equivalent.) The default is yes. |
|
Ant P. ... hmmm, for me it's set to 'no', though the file is older than the install so it's possible I set it for some reason I can nolonger remember. Anyhow, I think the issue is that MOTD_FILE is set via pam.d, and not login.defs, when pam is in use ('UsePAM yes'). However, the colon syntax doesn't seem to apply here, but the following seems to get something near the desired result.
Code: | % grep motd /etc/pam.d/system-login
session optional pam_motd.so motd=/etc/motd motd=/etc/motd2
% grep . /etc/motd*
/etc/motd:hello
/etc/motd2:this is a test
% ssh localhost
this is a test
hello |
best ... khay |
|
Back to top |
|
|
|