diff options
author | Colin Watson <cjwatson@debian.org> | 2023-12-30 22:17:38 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2023-12-30 22:17:38 +0000 |
commit | 3bc6b448c8cf2ba98640c16c22f1c2f39ff38fab (patch) | |
tree | 56af1a3c60881faa5e779dd666319a5495ce2972 | |
parent | 695d98224c181870e29508ee795833f330efe18c (diff) |
Allow passing extra ssh-agent arguments via "agent-launch start"
This makes it possible to override things like identity lifetime using a
systemd drop-in unit.
Closes: #1059639
-rwxr-xr-x | debian/agent-launch | 25 | ||||
-rw-r--r-- | debian/changelog | 9 | ||||
-rw-r--r-- | debian/systemd/ssh-agent.service | 6 |
3 files changed, 39 insertions, 1 deletions
diff --git a/debian/agent-launch b/debian/agent-launch index 3b2abdbf7..637f8cdb6 100755 --- a/debian/agent-launch +++ b/debian/agent-launch @@ -2,17 +2,40 @@ # helper script for launching ssh-agent, used by systemd unit set -e +options="$(getopt -o '' -l help -- "$@")" || exit 1 +eval set -- "$options" + if [ ! -d "$XDG_RUNTIME_DIR" ]; then # shellcheck disable=SC2016 echo 'This needs $XDG_RUNTIME_DIR to be set' >&2 exit 1 fi +while :; do + case $1 in + --help) + echo 'Usage:' >&2 + echo " $0 start [-- ssh-agent options]" >&2 + echo " $0 stop" + exit 0 + ;; + --) + shift + break + ;; + *) + echo "Unexpected argument: $1" >&2 + exit 1 + ;; + esac +done + if [ "$1" = start ]; then + shift if [ -z "$SSH_AUTH_SOCK" ] && grep -s -q '^use-ssh-agent$' /etc/X11/Xsession.options; then S="$XDG_RUNTIME_DIR/openssh_agent" dbus-update-activation-environment --verbose --systemd SSH_AUTH_SOCK="$S" SSH_AGENT_LAUNCHER=openssh - exec ssh-agent -D -a "$S" + exec ssh-agent -D -a "$S" "$@" fi elif [ "$1" = stop ]; then if [ "$SSH_AGENT_LAUNCHER" = openssh ]; then diff --git a/debian/changelog b/debian/changelog index 6fe762538..8835357cb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +openssh (1:9.6p1-3) UNRELEASED; urgency=medium + + * Allow passing extra ssh-agent arguments via + "/usr/lib/openssh/agent-launch start", making it possible to override + things like identity lifetime using a systemd drop-in unit (closes: + #1059639). + + -- Colin Watson <cjwatson@debian.org> Sat, 30 Dec 2023 22:11:02 +0000 + openssh (1:9.6p1-2) unstable; urgency=medium * Improve detection of broken -fzero-call-used-regs=used (see diff --git a/debian/systemd/ssh-agent.service b/debian/systemd/ssh-agent.service index cdc10bb47..68273bd75 100644 --- a/debian/systemd/ssh-agent.service +++ b/debian/systemd/ssh-agent.service @@ -7,5 +7,11 @@ Wants=dbus.socket After=dbus.socket [Service] +# If you need to pass extra arguments to ssh-agent, you can use "systemctl +# --user edit ssh-agent.service" to add a drop-in unit with contents along +# these lines: +# [Service] +# ExecStart= +# ExecStart=/usr/lib/openssh/agent-launch start -- -t 1200 ExecStart=/usr/lib/openssh/agent-launch start ExecStopPost=/usr/lib/openssh/agent-launch stop |