bkctld: don't replace SSH host keys when creating/updating a jail

2020-08-19 13:57:18 +02:00 · 2020-08-19 13:57:18 +02:00 · 1063dfe74d
parent c141986a6d
commit 1063dfe74d
2 changed files with 11 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed

 * bkctld-update: start jail after upgrade if it was started before
+* bkctld: don't replace SSH host keys when creating/updating a jail
 * Split check into check-jails and check-setup
 * bkctld-check-jails checks if jails 
 * bkctld-check-setup checks if the partition is mounted and writable, if firewall is configured and if all jails are started
--- a/lib/includes
+++ b/lib/includes
@ -226,7 +226,16 @@ setup_jail_chroot() {
    umask 077

    info "1 - Creating the chroot"
-    rm -rf ./bin ./lib ./lib64 ./run ./usr ./var/run ./etc/ssh/*key
+
+    rm -rf ./bin
+    rm -rf ./lib
+    rm -rf ./lib64
+    rm -rf ./run
+    rm -rf ./usr
+    rm -rf ./var/run
+    # Let's not delete the existing SSH host keys,
+    # otherwise the clients will have to accept the new keys
+
    mkdir -p ./dev
    mkdir -p ./proc
    mkdir -p ./usr/bin