From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 7031876052419870720
X-Received: by 2002:a05:6512:2354:: with SMTP id p20mr23852872lfu.424.1637236227568;
        Thu, 18 Nov 2021 03:50:27 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a05:6512:3d9e:: with SMTP id k30ls2026168lfv.1.gmail; Thu,
 18 Nov 2021 03:50:26 -0800 (PST)
X-Google-Smtp-Source: ABdhPJz0fTScIbwmJpjqf4hBfW0hTIp54/qmE8111j6lRJbrJwK2UdYWbvA81b0eTIO/eJoje7Zo
X-Received: by 2002:ac2:5e8f:: with SMTP id b15mr23853967lfq.252.1637236226515;
        Thu, 18 Nov 2021 03:50:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1637236226; cv=none;
        d=google.com; s=arc-20160816;
        b=ZYfOiRd6W2NLUaH3ovvatbCHdDxocjIq11gpSorFVuta36miBTixt7j4gNm238uWSx
         YsNaA7w1cfRMqKY7BnmPJU7H6mhFtYt1SKurnNlsaS6LUInwCJ3UXrMSQL2OiUO2fCJk
         xGA0ssZTOYLZqsXb3cwto9AhEn0o1p6eSXLWtPW80GBGnXtBUrTPXY2JkLKB5yNRLgK9
         vz34ZLwl8BMy2OUzAlTg06tTDnGdIu2bN+6pGtGwenr5qCn4vZR4iDLXk+POScH2YYYj
         Ebhkv+IweMrMm+nWM4i+Wk0HF+s/pf50rNM4GiEt4aKVAHHgkGWaU3YGVDJkSWw7oyBR
         YQFQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:message-id:date:subject:to
         :from;
        bh=b1s7Vvfci7tQ01pj2lgIWqR2bIsYI1EaXCFQSl/LhCI=;
        b=CKoP4Hv60AL0+71ZxmuZBo73R9s6e3uEpeKuQ1GnEtA9sInM5WwPQxCJuzatXKXvzP
         4xn2Ry+Ke3aAJaie3y+6Qls6p3ngWfTEXMuITbKF/DHwr8tKRd/LvHjfRNtFKgZOdwYq
         htnt6znD7OVnb0toovhajK15M8qq6ZGtYbcdBHdFpIvvMIJDVjt+4pd6OpHRrSUkbloa
         XKQAbgnG+tMOrCStGpQGjTvunrWX9uLYPS/+sBhmQ53pCMbiGSOaISJ1l1tPO3DGjXr6
         DmygI3hUy7MGfqUa5DJw/1hJ7i1Oai9NscISra/AjZgyxwM8GrrWJFaeNa/81HTK57Vj
         K46A==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of quirin.gylstorff@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=Quirin.Gylstorff@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Return-Path: <Quirin.Gylstorff@siemens.com>
Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2])
        by gmr-mx.google.com with ESMTPS id y7si207702ljp.7.2021.11.18.03.50.26
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 18 Nov 2021 03:50:26 -0800 (PST)
Received-SPF: pass (google.com: domain of quirin.gylstorff@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of quirin.gylstorff@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=Quirin.Gylstorff@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35])
	by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id 1AIBoPRD014164
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Thu, 18 Nov 2021 12:50:25 +0100
Received: from md2dvrtc.fritz.box ([139.22.45.143])
	by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 1AIBoPeW006793;
	Thu, 18 Nov 2021 12:50:25 +0100
From: "Q. Gylstorff" <Quirin.Gylstorff@siemens.com>
To: henning.schild@siemens.com, isar-users@googlegroups.com,
        jan.kiszka@siemens.com
Subject: [PATCH] sshd-regen-keys: Disable service after it run once
Date: Thu, 18 Nov 2021 12:50:25 +0100
Message-Id: <20211118115025.182309-1-Quirin.Gylstorff@siemens.com>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TUID: uBCZ3xfVmx9A

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

sshd-regen-keys is executed every time the system boots.
This leads to new system ssh keys every boot.

Revert to the behavior to before
commit d700bf83042c57efdc4f4721f56d078433ce6b1d sshd-regen-keys: Improve service, make more robust

and disable the service after it was executed.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 .../sshd-regen-keys/files/sshd-regen-keys.service                | 1 +
 .../{sshd-regen-keys_0.4.bb => sshd-regen-keys_0.5.bb}           | 0
 2 files changed, 1 insertion(+)
 rename meta/recipes-support/sshd-regen-keys/{sshd-regen-keys_0.4.bb => sshd-regen-keys_0.5.bb} (100%)

diff --git a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service
index 5c2ccff7..b38e6edc 100644
--- a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service
+++ b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service
@@ -11,6 +11,7 @@ ConditionPathIsReadWrite=/etc
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/bin/ssh-keygen -A
+ExecStartPost=-/bin/systemctl disable sshd-regen-keys.service
 
 [Install]
 WantedBy=sysinit.target
diff --git a/meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.4.bb b/meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.5.bb
similarity index 100%
rename from meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.4.bb
rename to meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.5.bb
-- 
2.30.2