CP-53721 Implement SSH set auto mode API for Dom0 SSH control

Implemented XAPI APIs for SSH auto mode configuration:
  - `host.set_ssh_auto_mode`: Configures SSH auto mode for a specific host.
  - `pool.set_ssh_auto_mode`: Configures SSH auto mode for all hosts in the pool.

Additionally:
  - `host.enable_ssh` now automatically sets SSH auto mode to `false`.

Signed-off-by: Lunfan Zhang <[email protected]>

Author: LunfanZhang

ocaml/xapi/xapi_globs.ml

@@ -1297,6 +1297,8 @@ let job_for_disable_ssh = ref "Disable SSH"
 
 let ssh_service = ref "sshd"
 
+let ssh_monitor_service = ref "xapi-ssh-monitor"
+
 (* Fingerprint of default patch key *)
 let citrix_patch_key =
   "NERDNTUzMDMwRUMwNDFFNDI4N0M4OEVCRUFEMzlGOTJEOEE5REUyNg=="

ocaml/xapi/xapi_host.ml

@@ -3158,6 +3158,33 @@ let schedule_disable_ssh_job ~__context ~self ~timeout =
 
   Db.Host.set_ssh_expiry ~__context ~self ~value:expiry_time
 
+let set_ssh_auto_mode ~__context ~self ~value =
+  debug "Setting SSH auto mode for host %s to %B"
+    (Helpers.get_localhost_uuid ())
+    value ;
+
+  if value && Db.Host.get_ssh_enabled ~__context ~self then
+    raise (Api_errors.Server_error (Api_errors.ssh_auto_mode_conflict, [])) ;
+
+  Db.Host.set_ssh_auto_mode ~__context ~self ~value ;
+
+  try
+    if value then (
+      Xapi_systemctl.enable ~wait_until_success:false
+        !Xapi_globs.ssh_monitor_service ;
+      Xapi_systemctl.start ~wait_until_success:false
+        !Xapi_globs.ssh_monitor_service
+    ) else (
+      Xapi_systemctl.stop ~wait_until_success:false
+        !Xapi_globs.ssh_monitor_service ;
+      Xapi_systemctl.disable ~wait_until_success:false
+        !Xapi_globs.ssh_monitor_service
+    )
+  with e ->
+    error "Failed to configure SSH auto mode: %s" (Printexc.to_string e) ;
+    Helpers.internal_error "Failed to configure SSH auto mode: %s"
+      (Printexc.to_string e)
+
 let enable_ssh ~__context ~self =
   try
     debug "Enabling SSH for host %s" (Helpers.get_localhost_uuid ()) ;
@@ -3174,7 +3201,9 @@ let enable_ssh ~__context ~self =
         schedule_disable_ssh_job ~__context ~self ~timeout:t
     ) ;
 
-    Db.Host.set_ssh_enabled ~__context ~self ~value:true
+    Db.Host.set_ssh_enabled ~__context ~self ~value:true ;
+    (* Disable SSH auto mode when SSH is enabled manually *)
+    set_ssh_auto_mode ~__context ~self ~value:false
   with e ->
     error "Failed to enable SSH on host %s: %s" (Ref.string_of self)
       (Printexc.to_string e) ;
@@ -3244,5 +3273,3 @@ let set_console_idle_timeout ~__context ~self ~value =
     error "Failed to configure console timeout: %s" (Printexc.to_string e) ;
     Helpers.internal_error "Failed to set console timeout: %Ld: %s" value
       (Printexc.to_string e)
-
-let set_ssh_auto_mode ~__context ~self:_ ~value:_ = ()

ocaml/xapi/xapi_pool.ml

@@ -4070,6 +4070,13 @@ module Ssh = struct
         Client.Host.set_console_idle_timeout ~rpc ~session_id ~self ~value
       )
       ~error:Api_errors.set_console_timeout_partially_failed
+
+  let set_ssh_auto_mode ~__context ~self:_ ~value =
+    operate ~__context
+      ~action:(fun ~rpc ~session_id ~self ->
+        Client.Host.set_ssh_auto_mode ~rpc ~session_id ~self ~value
+      )
+      ~error:Api_errors.set_ssh_auto_mode_partially_failed
 end
 
 let enable_ssh = Ssh.enable
@@ -4080,4 +4087,4 @@ let set_ssh_enabled_timeout = Ssh.set_enabled_timeout
 
 let set_console_idle_timeout = Ssh.set_console_timeout
 
-let set_ssh_auto_mode ~__context ~self:_ ~value:_ = ()
+let set_ssh_auto_mode = Ssh.set_ssh_auto_mode