Mercurial Mercurial > upstream > oracle > userland-gate / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
22980565 sshd method must stop including ipf_include.sh
authorTomas Kuthan <tomas.kuthan@oracle.com>
Wed, 23 Mar 2016 08:57:50 -0700
changeset 5647 ecaf580d5b6e
parent 5646 a69d6bde5fc1
child 5648 40cb75939d44
22980565 sshd method must stop including ipf_include.sh
components/openssh/sources/ssh.xml file | annotate | diff | comparison | revisions
components/openssh/sources/sshd.sh file | annotate | diff | comparison | revisions 
--- a/components/openssh/sources/ssh.xml	Tue Mar 22 18:37:14 2016 -0700
+++ b/components/openssh/sources/ssh.xml	Wed Mar 23 08:57:50 2016 -0700
@@ -49,13 +49,6 @@
 		<service_fmri value='svc:/system/utmp' />
 	</dependency>
 
-	<dependency name='network_ipfilter'
-		grouping='optional_all'
-		restart_on='error'
-		type='service'>
-		<service_fmri value='svc:/network/ipfilter:default' />
-	</dependency>
-
 	<dependency name='config_data'
 		grouping='require_all'
 		restart_on='restart'
@@ -120,20 +113,6 @@
                         value='solaris.smf.manage.ssh' />
         </property_group>
 
-	<property_group name='firewall_context' type='com.sun,fw_definition'>
-		<propval name='name' type='astring' value='ssh' />
-		<propval name='ipf_method' type='astring'
-		    value='/lib/svc/method/sshd ipfilter' />
-	</property_group>
-
-	<property_group name='firewall_config' type='com.sun,fw_configuration'>
-		<propval name='policy' type='astring' value='use_global' />
-		<propval name='apply_to' type='astring' value='' />
-		<propval name='exceptions' type='astring' value='' />
-		<propval name='value_authorization' type='astring'
-			value='solaris.smf.value.firewall.config' />
-	</property_group>
-
         <property_group name='sysconfig' type='sysconfig'>
                 <stability value='Unstable' />
                 <propval name='group' type='astring' value='network' />
--- a/components/openssh/sources/sshd.sh	Tue Mar 22 18:37:14 2016 -0700
+++ b/components/openssh/sources/sshd.sh	Wed Mar 23 08:57:50 2016 -0700
@@ -4,7 +4,6 @@
 #
 
 . /lib/svc/share/smf_include.sh
-. /lib/svc/share/ipf_include.sh
 
 SSHDIR=/etc/ssh
 KEYGEN="/usr/bin/ssh-keygen -q"
@@ -44,24 +43,6 @@
 	fi
 }
 
-create_ipf_rules()
-{
-	FMRI=$1
-	ipf_file=`fmri_to_file ${FMRI} $IPF_SUFFIX`
-	policy=`get_policy ${FMRI}`
-
-	#
-	# Get port from /etc/ssh/sshd_config
-	#
-	tports=`grep "^Port" /etc/ssh/sshd_config 2>/dev/null | \
-	    awk '{print $2}'`
-
-	echo "# $FMRI" >$ipf_file
-	for port in $tports; do
-		generate_rules $FMRI $policy "tcp" "any" $port $ipf_file
-	done
-}
-
 remove_key()
 {
         keypath=$1
@@ -166,10 +147,6 @@
 
 	# SMF arguments (start and restart [really "refresh"])
 
-'ipfilter')
-	create_ipf_rules $2
-	;;
-
 'start')
 	#
 	# If host keys don't exist when the service is started, create
upstream/oracle/userland-gate