diff --git a/ssh/Dockerfile b/ssh/Dockerfile index 09446c3a7..da15da7ad 100644 --- a/ssh/Dockerfile +++ b/ssh/Dockerfile @@ -1,4 +1,4 @@ -ARG BUILD_FROM=ghcr.io/hassio-addons/base/amd64:11.1.2 +ARG BUILD_FROM=ghcr.io/hassio-addons/base/amd64:12.0.0 # hadolint ignore=DL3006 FROM ${BUILD_FROM} @@ -18,58 +18,58 @@ RUN \ apk add --no-cache --virtual .build-dependencies \ bsd-compat-headers=0.7.2-r3 \ build-base=0.5-r2 \ - cmake=3.21.3-r0 \ - docker=20.10.14-r1 \ - json-c-dev=0.15-r1 \ + cmake=3.23.1-r0 \ + docker=20.10.16-r0 \ + json-c-dev=0.16-r0 \ libffi-dev=3.4.2-r1 \ - libuv-dev=1.42.0-r0 \ - openssl-dev=1.1.1n-r0 \ - python3-dev=3.9.7-r4 \ + libuv-dev=1.44.1-r0 \ + openssl-dev=1.1.1o-r0 \ + python3-dev=3.10.4-r0 \ zlib-dev=1.2.12-r1 \ \ && apk add --no-cache \ ack=3.5.0-r1 \ - alsa-plugins-pulse=1.2.5-r2 \ - alsa-utils=1.2.5.1-r2 \ - awake=1.0-r6 \ + alsa-plugins-pulse=1.2.6-r1 \ + alsa-utils=1.2.6-r0 \ + awake=1.0-r7 \ bash-completion=2.11-r4 \ - bind-tools=9.16.27-r0 \ + bind-tools=9.16.29-r0 \ bluez=5.64-r0 \ - colordiff=1.0.19-r0 \ + colordiff=1.0.20-r0 \ device-mapper-libs=2.02.187-r2 \ - docker-bash-completion=20.10.14-r1 \ - docker-zsh-completion=20.10.14-r1 \ - git=2.34.2-r0 \ - htop=3.1.1-r0 \ - json-c=0.15-r1 \ - libltdl=2.4.6-r7 \ - libuv=1.42.0-r0 \ - libxml2-utils=2.9.13-r0 \ - mariadb-client=10.6.7-r0 \ + docker-bash-completion=20.10.16-r0 \ + docker-zsh-completion=20.10.16-r0 \ + git=2.36.1-r0 \ + htop=3.2.0-r1 \ + json-c=0.16-r0 \ + libltdl=2.4.7-r0 \ + libuv=1.44.1-r0 \ + libxml2-utils=2.9.14-r0 \ + mariadb-client=10.6.8-r0 \ mosh=1.3.2-r22 \ mosquitto-clients=2.0.14-r0 \ - nano-syntax=5.9-r0 \ - nano=5.9-r0 \ - ncurses=6.3_p20211120-r0 \ - net-tools=1.60_git20140218-r2 \ - networkmanager=1.32.12-r1 \ + nano-syntax=6.3-r0 \ + nano=6.3-r0 \ + ncurses=6.3_p20220521-r0 \ + net-tools=2.10-r0 \ + networkmanager=1.38.0-r0 \ nmap=7.92-r2 \ - openssh=8.8_p1-r1 \ - openssl=1.1.1n-r0 \ + openssh=9.0_p1-r1 \ + openssl=1.1.1o-r0 \ pwgen=2.08-r1 \ pulseaudio-utils=15.0-r2 \ - py3-pip=20.3.4-r1 \ - python3=3.9.7-r4 \ - rsync=3.2.3-r5 \ - sqlite=3.36.0-r0 \ - sudo=1.9.8_p2-r1 \ + py3-pip=22.1.1-r0 \ + python3=3.10.4-r0 \ + rsync=3.2.4-r0 \ + sqlite=3.38.5-r0 \ + sudo=1.9.10-r0 \ tmux=3.2a-r0 \ - vim=8.2.4836-r0 \ - wget=1.21.2-r2 \ + vim=8.2.5000-r0 \ + wget=1.21.3-r0 \ zip=3.0-r9 \ zsh-autosuggestions=0.7.0-r0 \ - zsh-syntax-highlighting=0.7.1-r1 \ - zsh=5.8.1-r0 \ + zsh-syntax-highlighting=0.7.1-r2 \ + zsh=5.8.1-r4 \ \ && git clone --depth 1 \ https://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh \ @@ -117,7 +117,7 @@ RUN \ \ && pip3 install \ --no-cache-dir \ - --find-links "https://wheels.home-assistant.io/alpine-3.14/${BUILD_ARCH}/" \ + --find-links "https://wheels.home-assistant.io/alpine-3.16/${BUILD_ARCH}/" \ -r /tmp/requirements.txt \ \ && apk del --no-cache --purge .build-dependencies \ @@ -135,6 +135,12 @@ RUN \ # Copy root filesystem COPY rootfs / +# Ensure right permissions +RUN \ + chmod 0750 /etc/sudo.conf \ + && chmod 0750 -R /etc/sudoers.d \ + && chmod 0640 /etc/sudoers.d + # Build arguments ARG BUILD_ARCH ARG BUILD_DATE diff --git a/ssh/build.yaml b/ssh/build.yaml index b7f18bcd4..9f7b211a8 100644 --- a/ssh/build.yaml +++ b/ssh/build.yaml @@ -1,10 +1,10 @@ --- build_from: - aarch64: ghcr.io/hassio-addons/base/aarch64:11.1.2 - amd64: ghcr.io/hassio-addons/base/amd64:11.1.2 - armhf: ghcr.io/hassio-addons/base/armhf:11.1.2 - armv7: ghcr.io/hassio-addons/base/armv7:11.1.2 - i386: ghcr.io/hassio-addons/base/i386:11.1.2 + aarch64: ghcr.io/hassio-addons/base/aarch64:12.0.0 + amd64: ghcr.io/hassio-addons/base/amd64:12.0.0 + armhf: ghcr.io/hassio-addons/base/armhf:12.0.0 + armv7: ghcr.io/hassio-addons/base/armv7:12.0.0 + i386: ghcr.io/hassio-addons/base/i386:12.0.0 codenotary: base_image: codenotary@frenck.dev signer: codenotary@frenck.dev diff --git a/ssh/config.yaml b/ssh/config.yaml index 411892a1a..d1c155bbe 100644 --- a/ssh/config.yaml +++ b/ssh/config.yaml @@ -10,6 +10,7 @@ startup: services ingress: true ingress_port: 0 ingress_stream: true +init: false panel_icon: mdi:console panel_title: Terminal homeassistant: 0.92.0b2 diff --git a/ssh/rootfs/etc/cont-init.d/docker.sh b/ssh/rootfs/etc/cont-init.d/docker.sh old mode 100644 new mode 100755 index 1f88ee405..0d5518f00 --- a/ssh/rootfs/etc/cont-init.d/docker.sh +++ b/ssh/rootfs/etc/cont-init.d/docker.sh @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Enables Docker by moving the Docker executable in place. diff --git a/ssh/rootfs/etc/cont-init.d/mosquitto.sh b/ssh/rootfs/etc/cont-init.d/mosquitto.sh old mode 100644 new mode 100755 index 66235ceb9..f1c2a35df --- a/ssh/rootfs/etc/cont-init.d/mosquitto.sh +++ b/ssh/rootfs/etc/cont-init.d/mosquitto.sh @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Pre-configures the Mosquitto clients, if the service is available diff --git a/ssh/rootfs/etc/cont-init.d/mysql.sh b/ssh/rootfs/etc/cont-init.d/mysql.sh old mode 100644 new mode 100755 index f047b3d71..e06c35443 --- a/ssh/rootfs/etc/cont-init.d/mysql.sh +++ b/ssh/rootfs/etc/cont-init.d/mysql.sh @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Pre-configures the MySQL clients, if the service is available diff --git a/ssh/rootfs/etc/cont-init.d/ssh.sh b/ssh/rootfs/etc/cont-init.d/ssh.sh old mode 100644 new mode 100755 index 74865bff0..dc6f44e5a --- a/ssh/rootfs/etc/cont-init.d/ssh.sh +++ b/ssh/rootfs/etc/cont-init.d/ssh.sh @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Configures the SSH daemon diff --git a/ssh/rootfs/etc/cont-init.d/user.sh b/ssh/rootfs/etc/cont-init.d/user.sh old mode 100644 new mode 100755 index cf83c9c4c..dbc0f075a --- a/ssh/rootfs/etc/cont-init.d/user.sh +++ b/ssh/rootfs/etc/cont-init.d/user.sh @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Executes configured customizations & persists user settings diff --git a/ssh/rootfs/etc/fix-attrs.d/permissions b/ssh/rootfs/etc/fix-attrs.d/permissions deleted file mode 100644 index 0cd406f21..000000000 --- a/ssh/rootfs/etc/fix-attrs.d/permissions +++ /dev/null @@ -1,11 +0,0 @@ -/etc false root 0644 0755 -/etc/ssh false root 0644 0755 -/etc/ssh/authorized_keys false root 0644 0755 -/etc/sudo.conf false root 0640 0750 -/etc/sudoers.d true root 0640 0750 -/usr/bin/ha false root 0755 0755 -/usr/bin/hassio false root 0755 0755 -/usr/local/bin/docker false root 0755 0755 -/usr/local/bin/reboot false root 0755 0755 -/usr/local/bin/shutdown false root 0755 0755 -/var/log/btmp false root 0600 0700 diff --git a/ssh/rootfs/etc/services.d/sshd/finish b/ssh/rootfs/etc/services.d/sshd/finish old mode 100644 new mode 100755 index 1b721c293..53b1f8d22 --- a/ssh/rootfs/etc/services.d/sshd/finish +++ b/ssh/rootfs/etc/services.d/sshd/finish @@ -1,9 +1,11 @@ -#!/usr/bin/execlineb -S0 +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Take down the S6 supervision tree when the SSH daemon fails # ============================================================================== -if { s6-test ${1} -ne 0 } -if { s6-test ${1} -ne 256 } +if [[ "${1}" -ne 0 ]] && [[ "${1}" -ne 256 ]]; then + bashio::log.warning "sshd crashed, halting add-on" + /run/s6/basedir/bin/halt +fi -s6-svscanctl -t /var/run/s6/services +bashio::log.info "sshd stoped, restarting..." diff --git a/ssh/rootfs/etc/services.d/sshd/run b/ssh/rootfs/etc/services.d/sshd/run old mode 100644 new mode 100755 index 1a83967c2..b68b0cc7e --- a/ssh/rootfs/etc/services.d/sshd/run +++ b/ssh/rootfs/etc/services.d/sshd/run @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Starts the SSH service diff --git a/ssh/rootfs/etc/services.d/ttyd/finish b/ssh/rootfs/etc/services.d/ttyd/finish old mode 100644 new mode 100755 index 449c96fab..dc9f50422 --- a/ssh/rootfs/etc/services.d/ttyd/finish +++ b/ssh/rootfs/etc/services.d/ttyd/finish @@ -1,9 +1,11 @@ -#!/usr/bin/execlineb -S0 +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Take down the S6 supervision tree when the ttyd daemon fails # ============================================================================== -if { s6-test ${1} -ne 0 } -if { s6-test ${1} -ne 256 } +if [[ "${1}" -ne 0 ]] && [[ "${1}" -ne 256 ]]; then + bashio::log.warning "ttyd crashed, halting add-on" + /run/s6/basedir/bin/halt +fi -s6-svscanctl -t /var/run/s6/services +bashio::log.info "ttyd stoped, restarting..." diff --git a/ssh/rootfs/etc/services.d/ttyd/run b/ssh/rootfs/etc/services.d/ttyd/run old mode 100644 new mode 100755 index 79cdac225..cc90ec3db --- a/ssh/rootfs/etc/services.d/ttyd/run +++ b/ssh/rootfs/etc/services.d/ttyd/run @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # Runs the ttyd daemon diff --git a/ssh/rootfs/usr/bin/hassio b/ssh/rootfs/usr/bin/hassio old mode 100644 new mode 100755 diff --git a/ssh/rootfs/usr/local/bin/docker b/ssh/rootfs/usr/local/bin/docker old mode 100644 new mode 100755 index d3b1123f4..1fc5844cf --- a/ssh/rootfs/usr/local/bin/docker +++ b/ssh/rootfs/usr/local/bin/docker @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # This script gives the user instructions on how to enable Docker access. diff --git a/ssh/rootfs/usr/local/bin/reboot b/ssh/rootfs/usr/local/bin/reboot index 9239f5006..7448b6a0e 100755 --- a/ssh/rootfs/usr/local/bin/reboot +++ b/ssh/rootfs/usr/local/bin/reboot @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # This script overrides the reboot command to reboot the host machine. diff --git a/ssh/rootfs/usr/local/bin/shutdown b/ssh/rootfs/usr/local/bin/shutdown index 526ac2586..a04e2a1ff 100755 --- a/ssh/rootfs/usr/local/bin/shutdown +++ b/ssh/rootfs/usr/local/bin/shutdown @@ -1,4 +1,4 @@ -#!/usr/bin/with-contenv bashio +#!/command/with-contenv bashio # ============================================================================== # Home Assistant Community Add-on: SSH & Web Terminal # This script overrides the shutdown command to shutdown the host machine. diff --git a/ssh/rootfs/etc/var/log/btmp b/ssh/rootfs/var/log/btmp old mode 100644 new mode 100755 similarity index 100% rename from ssh/rootfs/etc/var/log/btmp rename to ssh/rootfs/var/log/btmp