From e23b03b9c091c46115fdfb87810e2418c7039c76 Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Fri, 1 Dec 2017 10:51:47 +0100 Subject: [PATCH] ssh service: set RuntimeDirectory=sshd to work with recent openssh versions We need to set RuntimeDirectory=sshd, otherwise /run/sshd doesn't exist and service startup fails with: | grml sshd[1845]: Missing privilege separation directory: /run/sshd While at it sync our ssh service file with Debian's openssh package 1:7.6p1-2 and drop the unused ssh-bootoption.service file (we currently start ssh service via grml-autoconfig). Also see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864190 Closes grml/grml#80 Thanks: sl0n for bugreport Thanks: Darshaka Pathirana for feedback --- .../etc/systemd/system/ssh-bootoption.service/GRMLBASE | 17 ----------------- .../files/etc/systemd/system/ssh.service/GRMLBASE | 7 ++++++- 2 files changed, 6 insertions(+), 18 deletions(-) delete mode 100644 etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE diff --git a/etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE deleted file mode 100644 index 797f394..0000000 --- a/etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE +++ /dev/null @@ -1,17 +0,0 @@ -# This file was deployed via grml-live. - -[Unit] -Description=OpenBSD Secure Shell server -After=network.target auditd.service -ConditionKernelCommandLine=ssh -ConditionPathExists=!/etc/ssh/sshd_not_to_be_run - -[Service] -EnvironmentFile=-/etc/default/ssh -ExecStart=/usr/sbin/sshd -D $SSHD_OPTS -ExecReload=/bin/kill -HUP $MAINPID -KillMode=process -Restart=on-failure - -[Install] -WantedBy=grml-boot.target diff --git a/etc/grml/fai/config/files/etc/systemd/system/ssh.service/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/ssh.service/GRMLBASE index e752f65..e41b058 100644 --- a/etc/grml/fai/config/files/etc/systemd/system/ssh.service/GRMLBASE +++ b/etc/grml/fai/config/files/etc/systemd/system/ssh.service/GRMLBASE @@ -8,12 +8,17 @@ ConditionPathExists=!/etc/ssh/sshd_not_to_be_run [Service] EnvironmentFile=-/etc/default/ssh ExecStartPre=-/bin/sh -c "/usr/bin/ssh-keygen -A" +ExecStartPre=/usr/sbin/sshd -t ExecStart=/usr/sbin/sshd -D $SSHD_OPTS +ExecReload=/usr/sbin/sshd -t ExecReload=/bin/kill -HUP $MAINPID KillMode=process Restart=on-failure +RestartPreventExitStatus=255 +Type=notify +RuntimeDirectory=sshd +RuntimeDirectoryMode=0755 [Install] WantedBy=multi-user.target Alias=sshd.service - -- 2.1.4