support Fedora, redhat, CentOS by installing systemd service with

runas=$USER
kryptco · Apr 10, 2017 · c965db9 · c965db9
1 parent beff828
commit c965db9
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 4 deletions.
diff --git a/Makefile b/Makefile
@@ -1,5 +1,7 @@
 GOBUILDFLAGS += -ldflags -s
 
+OS ?= $(shell ./install/os.sh)
+
 all:
 	-mkdir -p bin
 	cd kr; go build $(GOBUILDFLAGS) -o ../bin/kr
@@ -30,20 +32,27 @@ DSTLIB = $(PREFIX)/lib
 install: all
 	$(SUDO) ln -sf $(SRCBIN)/kr $(DSTBIN)/kr
 	$(SUDO) ln -sf $(SRCBIN)/krd $(DSTBIN)/krd
+	$(SUDO) ln -sf $(SRCBIN)/krssh $(DSTBIN)/krssh
 	$(SUDO) ln -sf $(SRCBIN)/kr-pkcs11.so $(DSTLIB)/kr-pkcs11.so
 	mkdir -p ~/.ssh
+	touch ~/.ssh/config
 ifeq ($(UNAME_S),Darwin)
 	perl -0777 -ne '/# Added by Kryptonite\nHost \*\n\tPKCS11Provider \/usr\/local\/lib\/kr-pkcs11.so\n\tProxyCommand `find \/usr\/local\/bin\/krssh 2>\/dev\/null \|\| which nc` %h %p\n\tIdentityFile ~\/.ssh\/id_kryptonite\n\tIdentityFile ~\/.ssh\/id_ed25519\n\tIdentityFile ~\/.ssh\/id_rsa\n\tIdentityFile ~\/.ssh\/id_ecdsa\n\tIdentityFile ~\/.ssh\/id_dsa/ || exit(1)' ~/.ssh/config || echo '\n# Added by Kryptonite\nHost *\n\tPKCS11Provider /usr/local/lib/kr-pkcs11.so\n\tProxyCommand `find /usr/local/bin/krssh 2>/dev/null || which nc` %h %p\n\tIdentityFile ~/.ssh/id_kryptonite\n\tIdentityFile ~/.ssh/id_ed25519\n\tIdentityFile ~/.ssh/id_rsa\n\tIdentityFile ~/.ssh/id_ecdsa\n\tIdentityFile ~/.ssh/id_dsa' >> ~/.ssh/config
 endif
 ifeq ($(UNAME_S),Linux)
-	perl -0777 -ne '/# Added by Kryptonite\nHost \*\n\tPKCS11Provider \/usr\/lib\/kr-pkcs11.so\n\tProxyCommand `find \/usr\/bin\/krssh 2>\/dev\/null \|\| which nc` %h %p\n\tIdentityFile ~\/.ssh\/id_kryptonite\n\tIdentityFile ~\/.ssh\/id_ed25519\n\tIdentityFile ~\/.ssh\/id_rsa\n\tIdentityFile ~\/.ssh\/id_ecdsa\n\tIdentityFile ~\/.ssh\/id_dsa/ || exit(1)' ~/.ssh/config || echo '\n# Added by Kryptonite\nHost *\n\tPKCS11Provider /usr/lib/kr-pkcs11.so\n\tProxyCommand `find /usr/bin/krssh 2>/dev/null || which nc` %h %p\n\tIdentityFile ~/.ssh/id_kryptonite\n\tIdentityFile ~/.ssh/id_ed25519\n\tIdentityFile ~/.ssh/id_rsa\n\tIdentityFile ~/.ssh/id_ecdsa\n\tIdentityFile ~/.ssh/id_dsa' >> ~/.ssh/config
+	perl -0777 -ne '/# Added by Kryptonite\nHost \*\n\tPKCS11Provider \/usr\/lib\/kr-pkcs11.so\n\tProxyCommand `find \/usr\/bin\/krssh 2>\/dev\/null \|\| which nc` %h %p\n\tIdentityFile ~\/.ssh\/id_kryptonite\n\tIdentityFile ~\/.ssh\/id_ed25519\n\tIdentityFile ~\/.ssh\/id_rsa\n\tIdentityFile ~\/.ssh\/id_ecdsa\n\tIdentityFile ~\/.ssh\/id_dsa/ || exit(1)' ~/.ssh/config || printf '\n# Added by Kryptonite\nHost *\n\tPKCS11Provider /usr/lib/kr-pkcs11.so\n\tProxyCommand `find /usr/bin/krssh 2>/dev/null || which nc` %%h %%p\n\tIdentityFile ~/.ssh/id_kryptonite\n\tIdentityFile ~/.ssh/id_ed25519\n\tIdentityFile ~/.ssh/id_rsa\n\tIdentityFile ~/.ssh/id_ecdsa\n\tIdentityFile ~/.ssh/id_dsa' >> ~/.ssh/config
 endif
 
 start:
-ifeq ($(UNAME_S),Linux)
+ifeq ($(OS),redhat)
+	sudo ./install/systemd-service-as-current-user.sh > /etc/systemd/system/default.target.wants/kr.service
+else ifeq ($(OS),Fedora)
+	sudo ./install/systemd-service-as-current-user.sh > /etc/systemd/system/default.target.wants/kr.service
+else ifeq ($(OS),CentOS)
+	sudo ./install/systemd-service-as-current-user.sh > /etc/systemd/system/default.target.wants/kr.service
+else ifeq ($(UNAME_S),Linux)
 	sudo cp share/kr.service /etc/systemd/user/default.target.wants/kr.service
-endif
-ifeq ($(UNAME_S),Darwin)
+else ifeq ($(UNAME_S),Darwin)
 	mkdir -p ~/Library/LaunchAgents
 	cp share/co.krypt.krd.plist ~/Library/LaunchAgents/co.krypt.krd.plist
 endif

diff --git a/install/os.sh b/install/os.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+# Check for FreeBSD in the uname output
+# If it's not FreeBSD, then we move on!
+if [ "$(uname -s)" == 'FreeBSD' ]; then
+  OS='freebsd'
+# Check for a redhat-release file and see if we can
+# tell which Red Hat variant it is
+elif [ -f "/etc/redhat-release" ]; then
+  RHV=$(egrep -o 'Fedora|CentOS|Red\ Hat|Red.Hat' /etc/redhat-release)
+  case $RHV in
+    Fedora)  OS='fedora';;
+    CentOS)  OS='centos';;
+   Red\ Hat)  OS='redhat';;
+   Red.Hat)  OS='redhat';;
+  esac
+# Check for debian_version
+elif [ -f "/etc/debian_version" ]; then
+  OS='debian'
+# Check for arch-release
+elif [ -f "/etc/arch-release" ]; then
+  OS='arch'
+# Check for SuSE-release
+elif [ -f "/etc/SuSE-release" ]; then
+  OS='suse'
+fi
+# echo the result
+echo "$OS"
diff --git a/install/systemd-service-as-current-user.sh b/install/systemd-service-as-current-user.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+cat - <<EOF
+[Unit]
+Description=Kryptonite daemon
+
+[Service]
+ExecStart=/usr/bin/krd
+Restart=on-failure
+User=${SUDO_USER:-$USER}
+
+[Install]
+WantedBy=default.target
+EOF
diff --git a/kr/kr_linux.go b/kr/kr_linux.go
@@ -13,6 +13,11 @@ func restartCommand(c *cli.Context) (err error) {
 	exec.Command("systemctl", "--user", "stop", "kr").Run()
 	exec.Command("systemctl", "--user", "enable", "kr").Run()
 	exec.Command("systemctl", "--user", "start", "kr").Run()
+	exec.Command("systemctl", "daemon-reload").Run()
+	exec.Command("systemctl", "disable", "kr").Run()
+	exec.Command("systemctl", "stop", "kr").Run()
+	exec.Command("systemctl", "enable", "kr").Run()
+	exec.Command("systemctl", "start", "kr").Run()
 	PrintErr(os.Stderr, "Restarted Kryptonite daemon.")
 	return
 }