From bfa617b88043bb4754f81bdbf95d178fbf2116ac Mon Sep 17 00:00:00 2001
From: Robert Fairley <rfairley@redhat.com>
Date: Jan 15 2019 23:07:55 +0000
Subject: Add manual and update dependencies


---

diff --git a/README.md b/README.md
index 4cdda72..c6ada9b 100644
--- a/README.md
+++ b/README.md
@@ -1,80 +1,43 @@
 # console-login-helper-messages
 
-Uses `motd`, `issue`, and `profile` to show helper messages before/at login.
+Shows helper messages at or before login using `motd`, `issue`, and `profile`.
 
 Useful in situations where a desktop environment is not available and information is communicated through the terminal.
 
-## Usage
+## Messages shown
 
-The following messages will show after installing `console-login-helper-messages` and enabling the `issuegen.service`, `issuegen.path`, `motdgen.service`, `motdgen.path` units.
+The following messages will show before or upon login after installing `console-login-helper-messages` and enabling the needed units (see [manual](manual.md)).
 
-- [x] available ssh keys from `/etc/ssh` matching the regex `ssh_host_*_key`, _before_ login as an **issue**
-- [x] ip addresses of network interfaces such as `eth0`, _before_ login as an **issue**
-- [x] available system updates from rpm-ostree or dnf, _at_ login as a **motd**
-- [x] failed systemd units, _at_ login as a bash **profile** script
+- [x] available ssh keys from `/etc/ssh`
+- [x] ip addresses of network interfaces to SSH into
+- [x] system information from `/etc/os-release`
+- [x] failed systemd units
 
-### Enabling the messages
+### Example
 
-The following enables the `motd` and `issue` messages to show at boot:
+Before login (serial console):
 
 ```
-systemctl enable issuegen.path issuegen.service motdgen.path motdgen.service
+SSH host key: SHA256:yP+/44/bfuj6UKHdUwAVURsO3y6haKLKfSFNcnmn7bY (ECDSA)
+SSH host key: SHA256:gGDZ/JQzwL76UpT29dyZ/M6Zua7QvGyegP8aTLc/D+Y (DSA)
+SSH host key: SHA256:nQEysCYP3hZgkus2+e28KQGrs0pRI2NOgJGQ6L8PnyU (RSA)
+SSH host key: SHA256:A3c6toZ3/eTMKNDmyyG9CYUSWsdSunmTeOC68iuDfAg (ED25519)
+eth0: 192.168.122.36 fe80::5054:ff:fe85:43a6
 ```
 
-The `profile` messages are enabled by default by a symlink from `/etc/profile.d` at install.
-
-### Disabling the messages
-
-The following disables the `motd` and `issue`  messages from showing at boot:
+At login:
 
 ```
-systemctl disable issuegen.path issuegen.service motdgen.path motdgen.service
+Fedora CoreOS (preview)
+[systemd]
+Failed Units: 1
+    var-srv.mount
 ```
 
-The `profile` messages can be disabled only by uninstalling `console-login-helper-messages-profile`.
-
-### Appending messages
-
-- Additional `motd` files to display can be dropped into `/etc/motd.d`, `/run/motd.d`, or `/usr/lib/motd.d` (displayed by `sshd` with the latest PAM installed). This is by default available on Fedora (without installing `console-login-helper-messages`).
-- Additional `issue` files to display can be dropped into `/etc/issue.d` (displayed by `agetty`). This is also by default available on Fedora.
-
-- To have a message appended to the same `motd` file generated by `motdgen.service`, the files to append can be dropped in `/etc/console-login-helper-messages/motd.d` or `/run/console-login-helper-messages/motd.d`
-- Similarly, `issue` messages to append to the same `issue` file generated by `issuegen.service` can be dropped in `/etc/console-login-helper-messages/issue.d` or  or `/run/console-login-helper-messages/issue.d`
-
-### Silencing a generated message
-
-- The generated `motd` by `motdgen.service` may be silenced or overridden by placing a file at `/etc/motd.d/console-login-helper-messages.motd`. A symlink to `/dev/null` can also be used for silencing.
-- Currently, the `issue` generated by `issuegen.service` can be silenced only by uninstalling `console-login-helper-messages-issuegen`.
-
-### Recreating the symlinks
-
-If a message is not showing, it could be because a symlink required to show the message was deleted. To recreate the symlinks, the following command can be used:
-
-```
-systemd-tmpfiles --create
-```
-
-### Regenerating the messages
-
-To manually regenerate the `motd` or `issue`, the following commands can be used respectively:
-
-```
-systemctl start motdgen.service
-systemctl start issuegen.service
-```
-
-## Internal operation
-
-Let `x` denote `{motd,issue}`.
-- `x`gen scripts source files from `/etc/console-login-helper-messages/x.d`, `/run/console-login-helper-messages/x.d`, and `/usr/lib/console-login-helper-messages/x.d`, and generate a file at `/run/x.d/40_console-login-helper-messages.x`
-- Information about the system is sourced by running commands such as `rpm-ostree upgrade --check`, looking in directories such as `/etc/ssh`, or other ways like `udev` rules dropping files into `/run/console-login-helper-messages/issue.d`. More details are best explained by looking at the scripts in `usr/lib/console-login-helper-messages/issuegen` or `usr/lib/console-login-helper-messages/motdgen`.
-- The systemd units `issuegen.service` and `motdgen.service` are oneshot units whose job is to generate the messages at `/run/x.d/40_console-login-helper-messages.x`.
-- The systmed units `issuegen.path` and `motdgen.path` are used to check if a user dropped a file in `/etc/console-login-helper-messages/x.d`, and regenerate the messages.
-- A symlink `/etc/issue.d/console-login-helper-messages.issue -> /run/issue.d/console-login-helper-messages.issue` is created as agetty will only look for files in `/etc/issue.d` as of today, so a symlink to the generated one is required.
-- A symlink `/etc/profile.d/console-login-helper-messages-profile.sh -> /usr/share/console-login-helper-messages/console-login-helper-messages-profile.sh` is created in order for the profile script to run.
+## Customizing
 
-### Note on upstream dependencies
+The motd/issue messages are defaults and can be disabled following the [manual](manual.md#Disabling-messages).
 
-TODO:
- - note the PAM, sshd agetty versions, and distributions that use these versions
- - list distributions that have the required functionality by default (where `console-login-helper-messages` has been tested)
+Messages can be appended to the motd or issue, by placing
+files in the directories sourced by motdgen/issuegen to generate
+the message (see [manual](#Appending-messages)).
diff --git a/console-login-helper-messages.spec b/console-login-helper-messages.spec
index 22466cb..164e8b7 100644
--- a/console-login-helper-messages.spec
+++ b/console-login-helper-messages.spec
@@ -21,9 +21,11 @@ Requires:       bash systemd
 %package motdgen
 Summary:        Message of the day generator
 Requires:       console-login-helper-messages
-Requires:       bash systemd
+Requires:       bash systemd setup
+# Permission for sshd to display /run/motd and /run/motd.d
+Requires:       selinux-policy >= 3.14.3-14
 # Needed to display motds under /run and /usr/lib
-Recommends:     pam >= 1.3.1-12 if sshd
+Recommends:       pam >= 1.3.1-15 if openssh
 
 %description motdgen
 %{summary}.
@@ -31,10 +33,10 @@ Recommends:     pam >= 1.3.1-12 if sshd
 %package issuegen
 Summary:        Issue generator
 Requires:       console-login-helper-messages
-Requires:       bash systemd
+Requires:       bash systemd setup
 # agetty is included in util-linux, which searches /etc/issue.d.
 # Needed to display issues symlinked from /etc/issue.d.
-Requires:       util-linux
+Requires:       util-linux >= 2.32-1
 
 %description issuegen
 %{summary}.
@@ -42,7 +44,7 @@ Requires:       util-linux
 %package profile
 Summary:        Profile script
 Requires:       console-login-helper-messages
-Requires:       bash systemd
+Requires:       bash systemd setup
 
 %description profile
 %{summary}.
diff --git a/manual.md b/manual.md
new file mode 100644
index 0000000..3757e7f
--- /dev/null
+++ b/manual.md
@@ -0,0 +1,77 @@
+# Manual - console-login-helper-messages
+
+## Packages/subpackages
+
+The following packages/subpackages provide the following functions:
+
+| package                                | function |
+| -------------------------------------- | --- |
+| console-login-helper-messages          | base directory layout for this packge |
+| console-login-helper-messages-issuegen | messages shown on serial console using issue (SSH keys, IP address for SSH) |
+| console-login-helper-messages-motdgen  | messages shown using the motd paths after SSH in (system information) |
+| console-login-helper-messages-profile  | messages shown using /etc/profile.d script, shown on login to bash terminal (failed systemd units) |
+
+## Note on upstream dependencies
+
+issuegen/motdgen rely on upstream features from packages such as PAM and agetty, to locate the issue/motd files and display them. The table below gives the earliest package version that the
+needed features are given in.
+
+| package                                      | fc28        | stable? | fc29        | stable? | 
+| -------------------------------------        | ----        | ------- | ----        | ------- | 
+| pam (for sshd which uses pam_motd.so)        | 1.3.1-15    |    Y    | 1.3.1-15    |    Y    |
+| selinux-policy (permissions under /run)      | 3.14.3-14   |    N    | 3.14.3-14   |    N    |
+| util-linux (aggetty to display /etc/issue.d) | 2.32-1      |    Y    | 2.32-1      |    Y    |
+
+## Common operations
+
+### Enabling messages
+
+The following enables the `motd` and `issue` messages to show at boot:
+
+```
+systemctl enable issuegen.path issuegen.service motdgen.path motdgen.service
+```
+
+The `profile` messages are enabled by default by a symlink from `/etc/profile.d` at install.
+
+### Appending messages
+
+- Additional `motd` files to display can be dropped into `/etc/motd.d`, `/run/motd.d`, or `/usr/lib/motd.d` (displayed by `sshd` with the latest PAM installed). This is by default available on Fedora (without installing `console-login-helper-messages`).
+- Additional `issue` files to display can be dropped into `/etc/issue.d` (displayed by `agetty`). This is also by default available on Fedora.
+
+- To have a message appended to the same `motd` file generated by `motdgen.service`, the files to append can be dropped in `/etc/console-login-helper-messages/motd.d` or `/run/console-login-helper-messages/motd.d`
+- Similarly, `issue` messages to append to the same `issue` file generated by `issuegen.service` can be dropped in `/etc/console-login-helper-messages/issue.d` or  or `/run/console-login-helper-messages/issue.d`
+
+### Disabling messages
+
+The following disables the `motd` and `issue`  messages from showing:
+
+```
+systemctl disable issuegen.path issuegen.service motdgen.path motdgen.service
+```
+
+The `profile` messages can be disabled only by uninstalling `console-login-helper-messages-profile`.
+
+#### Silencing a generated message without disabling
+
+Messages can be silenced, but not disabled from being generated.
+
+- The generated `motd` by `motdgen.service` may be silenced or overridden by placing a file at `/etc/motd.d/console-login-helper-messages.motd`. A symlink to `/dev/null` can also be used for silencing.
+- Currently, the `issue` generated by `issuegen.service` can be silenced only by uninstalling `console-login-helper-messages-issuegen`.
+
+### Recreating the symlinks
+
+If a message is not showing, it could be because a symlink required to show the message was deleted. To recreate the symlinks, the following command can be used:
+
+```
+systemd-tmpfiles --create
+```
+
+### Regenerating the messages
+
+To manually regenerate the `motd` or `issue`, the following commands can be used respectively:
+
+```
+systemctl start motdgen.service
+systemctl start issuegen.service
+```