infinite activating state for custom build openssh-hpn-sshd on ubuntu 16
1
I've compiled hpn version of openssh(OpenSSH_7.2p2-hpn14v11), sshd itself is working just fine. The problem is that every 2-3 minutes systemd restarts sshd as it doesn't get that service started properly. When I replace with Ubuntu's package of the same version it's working as it should. I've even tested on VM with clean install - same thing. What am I doing wrong?
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: activating (start) since Wed 2016-09-28 20:18:49 EDT; 42s ago
Main PID: 24279 (sshd)
Tasks: 9
Memory: 6.8M
CPU: 164ms
CGroup: /system.slice/ssh.service ├─20041 sshd:
root@pts/0 ├─20047
-bash ├─24279
/usr/sbin/sshd -D ├─24628
└─24629 pager
Sep 28 20:18:49 hostname systemd[1]: Starting OpenBSD Secure Shell server... Sep 28 20:18:49 hostname sshd[24279]: Server listening on 0.0.0.0 port 22
cat /lib/systemd/system/ssh.service
[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify
[Install]
WantedBy=multi-user.target
Alias=sshd.service
Logs:
Sep 29 02:22:03 xxx sshd[15007]: Server listening on 0.0.0.0 port 22.
Sep 29 02:22:03 xxx sshd[15007]: Server listening on :: port 22.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Start operation timed out. Terminating.
Sep 29 02:23:33 xxx systemd[1]: Failed to start OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Unit entered failed state.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Failed with result 'timeout'.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Service hold-off time over, scheduling restart.
Sep 29 02:23:33 xxx systemd[1]: Stopped OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: Starting OpenBSD Secure Shell server...
Sep 29 02:23:33 xxx sshd[15775]: Server listening on 0.0.0.0 port 22.
Sep 29 02:23:33 xxx sshd[15775]: Server listening on :: port 22.
ubuntu ssh systemd
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
add a comment |
1
I've compiled hpn version of openssh(OpenSSH_7.2p2-hpn14v11), sshd itself is working just fine. The problem is that every 2-3 minutes systemd restarts sshd as it doesn't get that service started properly. When I replace with Ubuntu's package of the same version it's working as it should. I've even tested on VM with clean install - same thing. What am I doing wrong?
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: activating (start) since Wed 2016-09-28 20:18:49 EDT; 42s ago
Main PID: 24279 (sshd)
Tasks: 9
Memory: 6.8M
CPU: 164ms
CGroup: /system.slice/ssh.service ├─20041 sshd:
root@pts/0 ├─20047
-bash ├─24279
/usr/sbin/sshd -D ├─24628
└─24629 pager
Sep 28 20:18:49 hostname systemd[1]: Starting OpenBSD Secure Shell server... Sep 28 20:18:49 hostname sshd[24279]: Server listening on 0.0.0.0 port 22
cat /lib/systemd/system/ssh.service
[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify
[Install]
WantedBy=multi-user.target
Alias=sshd.service
Logs:
Sep 29 02:22:03 xxx sshd[15007]: Server listening on 0.0.0.0 port 22.
Sep 29 02:22:03 xxx sshd[15007]: Server listening on :: port 22.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Start operation timed out. Terminating.
Sep 29 02:23:33 xxx systemd[1]: Failed to start OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Unit entered failed state.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Failed with result 'timeout'.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Service hold-off time over, scheduling restart.
Sep 29 02:23:33 xxx systemd[1]: Stopped OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: Starting OpenBSD Secure Shell server...
Sep 29 02:23:33 xxx sshd[15775]: Server listening on 0.0.0.0 port 22.
Sep 29 02:23:33 xxx sshd[15775]: Server listening on :: port 22.
ubuntu ssh systemd
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
add a comment |
1
1
1
1
I've compiled hpn version of openssh(OpenSSH_7.2p2-hpn14v11), sshd itself is working just fine. The problem is that every 2-3 minutes systemd restarts sshd as it doesn't get that service started properly. When I replace with Ubuntu's package of the same version it's working as it should. I've even tested on VM with clean install - same thing. What am I doing wrong?
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: activating (start) since Wed 2016-09-28 20:18:49 EDT; 42s ago
Main PID: 24279 (sshd)
Tasks: 9
Memory: 6.8M
CPU: 164ms
CGroup: /system.slice/ssh.service ├─20041 sshd:
root@pts/0 ├─20047
-bash ├─24279
/usr/sbin/sshd -D ├─24628
└─24629 pager
Sep 28 20:18:49 hostname systemd[1]: Starting OpenBSD Secure Shell server... Sep 28 20:18:49 hostname sshd[24279]: Server listening on 0.0.0.0 port 22
cat /lib/systemd/system/ssh.service
[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify
[Install]
WantedBy=multi-user.target
Alias=sshd.service
Logs:
Sep 29 02:22:03 xxx sshd[15007]: Server listening on 0.0.0.0 port 22.
Sep 29 02:22:03 xxx sshd[15007]: Server listening on :: port 22.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Start operation timed out. Terminating.
Sep 29 02:23:33 xxx systemd[1]: Failed to start OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Unit entered failed state.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Failed with result 'timeout'.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Service hold-off time over, scheduling restart.
Sep 29 02:23:33 xxx systemd[1]: Stopped OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: Starting OpenBSD Secure Shell server...
Sep 29 02:23:33 xxx sshd[15775]: Server listening on 0.0.0.0 port 22.
Sep 29 02:23:33 xxx sshd[15775]: Server listening on :: port 22.
ubuntu ssh systemd
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
I've compiled hpn version of openssh(OpenSSH_7.2p2-hpn14v11), sshd itself is working just fine. The problem is that every 2-3 minutes systemd restarts sshd as it doesn't get that service started properly. When I replace with Ubuntu's package of the same version it's working as it should. I've even tested on VM with clean install - same thing. What am I doing wrong?
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: activating (start) since Wed 2016-09-28 20:18:49 EDT; 42s ago
Main PID: 24279 (sshd)
Tasks: 9
Memory: 6.8M
CPU: 164ms
CGroup: /system.slice/ssh.service ├─20041 sshd:
root@pts/0 ├─20047
-bash ├─24279
/usr/sbin/sshd -D ├─24628
└─24629 pager
Sep 28 20:18:49 hostname systemd[1]: Starting OpenBSD Secure Shell server... Sep 28 20:18:49 hostname sshd[24279]: Server listening on 0.0.0.0 port 22
cat /lib/systemd/system/ssh.service
[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify
[Install]
WantedBy=multi-user.target
Alias=sshd.service
Logs:
Sep 29 02:22:03 xxx sshd[15007]: Server listening on 0.0.0.0 port 22.
Sep 29 02:22:03 xxx sshd[15007]: Server listening on :: port 22.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Start operation timed out. Terminating.
Sep 29 02:23:33 xxx systemd[1]: Failed to start OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Unit entered failed state.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Failed with result 'timeout'.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Service hold-off time over, scheduling restart.
Sep 29 02:23:33 xxx systemd[1]: Stopped OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: Starting OpenBSD Secure Shell server...
Sep 29 02:23:33 xxx sshd[15775]: Server listening on 0.0.0.0 port 22.
Sep 29 02:23:33 xxx sshd[15775]: Server listening on :: port 22.
ubuntu ssh systemd
ubuntu ssh systemd
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
edited Sep 29 '16 at 6:28
Stranger04
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
asked Sep 29 '16 at 1:34
Stranger04Stranger04
83
83
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
0
Ubuntu backed down to use systemd-way of letting systemd know when it started. It is obvious from the option Type=notify, which makes impossible to use OpenSSH without Systemd patch. There are two possible solutions:
Change the line
Type=notifytoType=forkingand add a new line withPIDFile=/var/run/sshd.pidandExecStartshould be changed to/usr/sbin/sshd $SSHD_OPTS:
Type=forking
PIDFile=/var/run/sshd.pid
ExecStart /usr/sbin/sshd $SSHD_OPTS
Build your OpenSSH with the patch from Debian/Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001
From: Michael Biebl <biebl@debian.org>
Date: Mon, 21 Dec 2015 16:08:47 +0000
Subject: Add systemd readiness notification support
Bug-Debian: https://bugs.debian.org/778913
Forwarded: no
Last-Update: 2016-01-04
Patch-Name: systemd-readiness.patch
---
configure.ac | 24 ++++++++++++++++++++++++
sshd.c | 9 +++++++++
2 files changed, 33 insertions(+)
diff --git a/configure.ac b/configure.ac
index f822fb3..6cafb15 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in $DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/sshd.c b/sshd.c
index 837409b..868df9e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
@@ -2117,6 +2121,11 @@ main(int ac, char **av)
unsetenv("SSH_SIGSTOP");
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);
edited 31 mins ago
Stephen Kitt
165k24366446
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thanks. I missed that detail. I new there was something more, but I completely forgot about that-D:)
– Jakuje
Sep 29 '16 at 16:14
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f313080%2finfinite-activating-state-for-custom-build-openssh-hpn-sshd-on-ubuntu-16%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
0
Ubuntu backed down to use systemd-way of letting systemd know when it started. It is obvious from the option Type=notify, which makes impossible to use OpenSSH without Systemd patch. There are two possible solutions:
Change the line
Type=notifytoType=forkingand add a new line withPIDFile=/var/run/sshd.pidandExecStartshould be changed to/usr/sbin/sshd $SSHD_OPTS:
Type=forking
PIDFile=/var/run/sshd.pid
ExecStart /usr/sbin/sshd $SSHD_OPTS
Build your OpenSSH with the patch from Debian/Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001
From: Michael Biebl <biebl@debian.org>
Date: Mon, 21 Dec 2015 16:08:47 +0000
Subject: Add systemd readiness notification support
Bug-Debian: https://bugs.debian.org/778913
Forwarded: no
Last-Update: 2016-01-04
Patch-Name: systemd-readiness.patch
---
configure.ac | 24 ++++++++++++++++++++++++
sshd.c | 9 +++++++++
2 files changed, 33 insertions(+)
diff --git a/configure.ac b/configure.ac
index f822fb3..6cafb15 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in $DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/sshd.c b/sshd.c
index 837409b..868df9e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
@@ -2117,6 +2121,11 @@ main(int ac, char **av)
unsetenv("SSH_SIGSTOP");
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);
edited 31 mins ago
Stephen Kitt
165k24366446
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thanks. I missed that detail. I new there was something more, but I completely forgot about that-D:)
– Jakuje
Sep 29 '16 at 16:14
add a comment |
0
Ubuntu backed down to use systemd-way of letting systemd know when it started. It is obvious from the option Type=notify, which makes impossible to use OpenSSH without Systemd patch. There are two possible solutions:
Change the line
Type=notifytoType=forkingand add a new line withPIDFile=/var/run/sshd.pidandExecStartshould be changed to/usr/sbin/sshd $SSHD_OPTS:
Type=forking
PIDFile=/var/run/sshd.pid
ExecStart /usr/sbin/sshd $SSHD_OPTS
Build your OpenSSH with the patch from Debian/Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001
From: Michael Biebl <biebl@debian.org>
Date: Mon, 21 Dec 2015 16:08:47 +0000
Subject: Add systemd readiness notification support
Bug-Debian: https://bugs.debian.org/778913
Forwarded: no
Last-Update: 2016-01-04
Patch-Name: systemd-readiness.patch
---
configure.ac | 24 ++++++++++++++++++++++++
sshd.c | 9 +++++++++
2 files changed, 33 insertions(+)
diff --git a/configure.ac b/configure.ac
index f822fb3..6cafb15 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in $DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/sshd.c b/sshd.c
index 837409b..868df9e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
@@ -2117,6 +2121,11 @@ main(int ac, char **av)
unsetenv("SSH_SIGSTOP");
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);
edited 31 mins ago
Stephen Kitt
165k24366446
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thanks. I missed that detail. I new there was something more, but I completely forgot about that-D:)
– Jakuje
Sep 29 '16 at 16:14
add a comment |
0
0
0
Ubuntu backed down to use systemd-way of letting systemd know when it started. It is obvious from the option Type=notify, which makes impossible to use OpenSSH without Systemd patch. There are two possible solutions:
Change the line
Type=notifytoType=forkingand add a new line withPIDFile=/var/run/sshd.pidandExecStartshould be changed to/usr/sbin/sshd $SSHD_OPTS:
Type=forking
PIDFile=/var/run/sshd.pid
ExecStart /usr/sbin/sshd $SSHD_OPTS
Build your OpenSSH with the patch from Debian/Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001
From: Michael Biebl <biebl@debian.org>
Date: Mon, 21 Dec 2015 16:08:47 +0000
Subject: Add systemd readiness notification support
Bug-Debian: https://bugs.debian.org/778913
Forwarded: no
Last-Update: 2016-01-04
Patch-Name: systemd-readiness.patch
---
configure.ac | 24 ++++++++++++++++++++++++
sshd.c | 9 +++++++++
2 files changed, 33 insertions(+)
diff --git a/configure.ac b/configure.ac
index f822fb3..6cafb15 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in $DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/sshd.c b/sshd.c
index 837409b..868df9e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
@@ -2117,6 +2121,11 @@ main(int ac, char **av)
unsetenv("SSH_SIGSTOP");
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);
edited 31 mins ago
Stephen Kitt
165k24366446
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
Ubuntu backed down to use systemd-way of letting systemd know when it started. It is obvious from the option Type=notify, which makes impossible to use OpenSSH without Systemd patch. There are two possible solutions:
Change the line
Type=notifytoType=forkingand add a new line withPIDFile=/var/run/sshd.pidandExecStartshould be changed to/usr/sbin/sshd $SSHD_OPTS:
Type=forking
PIDFile=/var/run/sshd.pid
ExecStart /usr/sbin/sshd $SSHD_OPTS
Build your OpenSSH with the patch from Debian/Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001
From: Michael Biebl <biebl@debian.org>
Date: Mon, 21 Dec 2015 16:08:47 +0000
Subject: Add systemd readiness notification support
Bug-Debian: https://bugs.debian.org/778913
Forwarded: no
Last-Update: 2016-01-04
Patch-Name: systemd-readiness.patch
---
configure.ac | 24 ++++++++++++++++++++++++
sshd.c | 9 +++++++++
2 files changed, 33 insertions(+)
diff --git a/configure.ac b/configure.ac
index f822fb3..6cafb15 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd`
+ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd`
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in $DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/sshd.c b/sshd.c
index 837409b..868df9e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
@@ -2117,6 +2121,11 @@ main(int ac, char **av)
unsetenv("SSH_SIGSTOP");
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);
edited 31 mins ago
Stephen Kitt
165k24366446
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
edited 31 mins ago
Stephen Kitt
165k24366446
edited 31 mins ago
Stephen Kitt
165k24366446
edited 31 mins ago
Stephen Kitt
165k24366446
165k24366446
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
answered Sep 29 '16 at 11:05
JakujeJakuje
16.2k52953
16.2k52953
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thanks. I missed that detail. I new there was something more, but I completely forgot about that-D:)
– Jakuje
Sep 29 '16 at 16:14
add a comment |
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thanks. I missed that detail. I new there was something more, but I completely forgot about that-D:)
– Jakuje
Sep 29 '16 at 16:14
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thx ! 1) in order this to work ExecStart should be changed to "/usr/sbin/sshd $SSHD_OPTS" 2) I wasn't able to apply that patch (even manually) because version 7.2p2 has completely different structure...
– Stranger04
Sep 29 '16 at 14:56
Thanks. I missed that detail. I new there was something more, but I completely forgot about that
-D :)– Jakuje
Sep 29 '16 at 16:14
Thanks. I missed that detail. I new there was something more, but I completely forgot about that
-D :)– Jakuje
Sep 29 '16 at 16:14
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f313080%2finfinite-activating-state-for-custom-build-openssh-hpn-sshd-on-ubuntu-16%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
