We need to set RuntimeDirectory=sshd, otherwise /run/sshd doesn't
exist and service startup fails with:
| grml sshd[1845]: Missing privilege separation directory: /run/sshd
While at it sync our ssh service file with Debian's openssh
package 1:7.6p1-2 and drop the unused ssh-bootoption.service
file (we currently start ssh service via grml-autoconfig).
Also see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864190
Closes grml/grml#80
Thanks: sl0n for bugreport
Thanks: Darshaka Pathirana <dpat@grml.org> for feedback
+++ /dev/null
-# This file was deployed via grml-live.
-
-[Unit]
-Description=OpenBSD Secure Shell server
-After=network.target auditd.service
-ConditionKernelCommandLine=ssh
-ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
-
-[Service]
-EnvironmentFile=-/etc/default/ssh
-ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
-ExecReload=/bin/kill -HUP $MAINPID
-KillMode=process
-Restart=on-failure
-
-[Install]
-WantedBy=grml-boot.target
[Service]
EnvironmentFile=-/etc/default/ssh
ExecStartPre=-/bin/sh -c "/usr/bin/ssh-keygen -A"
+ExecStartPre=/usr/sbin/sshd -t
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
+ExecReload=/usr/sbin/sshd -t
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
+RestartPreventExitStatus=255
+Type=notify
+RuntimeDirectory=sshd
+RuntimeDirectoryMode=0755
[Install]
WantedBy=multi-user.target
Alias=sshd.service
-
projects / grml-live.git / commitdiff