Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / service-config-manager / a19b509352cc7d9fcacf345f81163bf6998ec7b4^! / . / inc
commita19b509352cc7d9fcacf345f81163bf6998ec7b4[log] [tgz]
authorGeorge Liu <liuxiwei@inspur.com>Mon May 24 15:54:02 2021 +0800
committerGeorge Liu <liuxiwei@inspur.com>Wed Jul 14 08:58:44 2021 +0800
tree21a2630741732ee4b1d4b8f09797d11fbf59f83e
parent1f3813f819f11b27f515891c239113f0b4e60936 [diff]
Allow disabling SSH

The intent behind this commit is to add the dropbear service, monitor
the Enabled and Running properties, and then update the
dropbear.socket to allow disabling/enabling SSH.

Tested:
1.
busctl introspect xyz.openbmc_project.Control.Service.Manager /xyz/openbmc_project/control/service/dropbear
 xyz.openbmc_project.Control.Service.Attributes       interface
 .Enabled                property  b    false  emits-change writable
 .Masked                 property  b    false  emits-change writable
 .Running                property  b    true   emits-change writable

 Open a new SSH connection:
 sudo ssh username@<IP>
 Successfully connected

2.
busctl set-property xyz.openbmc_project.Control.Service.Manager /xyz/openbmc_project/control/service/dropbear xyz.openbmc_project.Control.Service.Attributes Running b false

busctl introspect xyz.openbmc_project.Control.Service.Manager /xyz/openbmc_project/control/service/dropbear
 xyz.openbmc_project.Control.Service.Attributes       interface
 .Enabled                property  b    false  emits-change writable
 .Masked                 property  b    false  emits-change writable
 .Running                property  b    false  emits-change writable

 Open a new SSH connection:
 sudo ssh username@<IP>
 ssh: connect to host <IP> port 22: Connection refused

Signed-off-by: George Liu <liuxiwei@inspur.com>
Change-Id: I5d004f7f49c25fc90b93dabd124fe0d3d93ca822

diff --git a/inc/srvcfg_manager.hpp b/inc/srvcfg_manager.hpp
index bf52ab2..4036623 100644
--- a/inc/srvcfg_manager.hpp
+++ b/inc/srvcfg_manager.hpp

@@ -91,6 +91,9 @@
     bool unitMaskedState = false;
     bool unitEnabledState = false;
     bool unitRunningState = false;
+
+    // dropbear is handled specially because it is a socket-activated service.
+    bool isDropBearService = false;
     std::string subStateValue;
 
     bool isMaskedOut();

diff --git a/inc/utils.hpp b/inc/utils.hpp
index c9df6ae..234124d 100644
--- a/inc/utils.hpp
+++ b/inc/utils.hpp

@@ -42,6 +42,26 @@
 static constexpr const char* stateEnabled = "enabled";
 static constexpr const char* stateDisabled = "disabled";
 static constexpr const char* subStateRunning = "running";
+static constexpr const char* subStateListening = "listening";
+
+using ListUnitsType =
+    std::tuple<std::string, std::string, std::string, std::string, std::string,
+               std::string, sdbusplus::message::object_path, uint32_t,
+               std::string, sdbusplus::message::object_path>;
+
+enum class ListUnitElements
+{
+    name,
+    descriptionString,
+    loadState,
+    activeState,
+    subState,
+    followedUnit,
+    objectPath,
+    queuedJobType,
+    jobType,
+    jobObject
+};
 
 static inline std::string addInstanceName(const std::string& instanceName,
                                           const std::string& suffix)
@@ -49,6 +69,9 @@
     return (instanceName.empty() ? "" : suffix + instanceName);
 }
 
+void checkAndThrowInternalFailure(boost::system::error_code& ec,
+                                  const std::string& msg);
+
 void systemdDaemonReload(
     const std::shared_ptr<sdbusplus::asio::connection>& conn,
     boost::asio::yield_context yield);