Ubuntu
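Custom-built openssh-hpn sshd stuck in an endless "activating" state on Ubuntu 16
I have compiled the hpn version of openssh (OpenSSH_7.2p2-hpn14v11), and sshd itself works fine. The problem is that every 2-3 minutes systemd restarts sshd, because it does not start the service properly. When I replace it with the Ubuntu package of the same version, it works fine. I even tested on a VM with a fresh install and got the same thing. What exactly am I doing wrong?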
```
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: activating (start) since Wed 2016-09-28 20:18:49 EDT; 42s ago
 Main PID: 24279 (sshd)
    Tasks: 9
   Memory: 6.8M
      CPU: 164ms
   CGroup: /system.slice/ssh.service
           ├─20041 sshd: root@pts/0
           ├─20047 -bash
           ├─24279 /usr/sbin/sshd -D
           ├─24628
           └─24629 pager

Sep 28 20:18:49 hostname systemd[1]: Starting OpenBSD Secure Shell server...
Sep 28 20:18:49 hostname sshd[24279]: Server listening on 0.0.0.0 port 22
```
```
cat /lib/systemd/system/ssh.service
[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
RestartPreventExitStatus=255
Type=notify

[Install]
WantedBy=multi-user.target
Alias=sshd.service
```

Logs:

```
Sep 29 02:22:03 xxx sshd[15007]: Server listening on 0.0.0.0 port 22.
Sep 29 02:22:03 xxx sshd[15007]: Server listening on :: port 22.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Start operation timed out. Terminating.
Sep 29 02:23:33 xxx systemd[1]: Failed to start OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Unit entered failed state.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Failed with result 'timeout'.
Sep 29 02:23:33 xxx systemd[1]: ssh.service: Service hold-off time over, scheduling restart.
Sep 29 02:23:33 xxx systemd[1]: Stopped OpenBSD Secure Shell server.
Sep 29 02:23:33 xxx systemd[1]: Starting OpenBSD Secure Shell server...
Sep 29 02:23:33 xxx sshd[15775]: Server listening on 0.0.0.0 port 22.
Sep 29 02:23:33 xxx sshd[15775]: Server listening on :: port 22.
```
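Ubuntu has moved over to the systemd way of letting systemd know when the service has started. This is evident from the `Type=notify` option: you cannot use OpenSSH without the systemd patch. There are two possible solutions: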
- Change the line `Type=notify` to `Type=forking`, add a new line `PIDFile=/var/run/sshd.pid`, and change `ExecStart` to `/usr/sbin/sshd $SSHD_OPTS`:

  ```
  Type=forking
  PIDFile=/var/run/sshd.pid
  ExecStart=/usr/sbin/sshd $SSHD_OPTS
  ```
- Build your OpenSSH with the patch from Debian/Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001 From: Michael Biebl <biebl@debian.org> Date: Mon, 21 Dec 2015 16:08:47 +0000 Subject: Add systemd readiness notification support Bug-Debian: https://bugs.debian.org/778913 Forwarded: no Last-Update: 2016-01-04 Patch-Name: systemd-readiness.patch --- configure.ac | 24 ++++++++++++++++++++++++ sshd.c | 9 +++++++++ 2 files changed, 33 insertions(+) diff --git a/configure.ac b/configure.ac index f822fb3..6cafb15 100644 --- a/configure.ac +++ b/configure.ac @@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5], AC_SUBST([GSSLIBS]) AC_SUBST([K5LIBS]) +# Check whether user wants systemd support +SYSTEMD_MSG="no" +AC_ARG_WITH(systemd, + [ --with-systemd Enable systemd support], + [ if test "x$withval" != "xno" ; then + AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) + if test "$PKGCONFIG" != "no"; then + AC_MSG_CHECKING([for libsystemd]) + if $PKGCONFIG --exists libsystemd; then + SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd` + SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd` + CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS" + SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS" + AC_MSG_RESULT([yes]) + AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.]) + SYSTEMD_MSG="yes" + else + AC_MSG_RESULT([no]) + fi + fi + fi ] +) + # Looking for programs, paths and files PRIVSEP_PATH=/var/empty @@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG" echo " Solaris process contract support: $SPC_MSG" echo " Solaris project support: $SP_MSG" echo " Solaris privilege support: $SPP_MSG" +echo " systemd support: $SYSTEMD_MSG" echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" echo " BSD Auth support: $BSD_AUTH_MSG" diff --git a/sshd.c b/sshd.c index 837409b..868df9e 100644 --- a/sshd.c +++ b/sshd.c @@ -85,6 +85,10 @@ #include <prot.h> #endif +#ifdef HAVE_SYSTEMD +#include <systemd/sd-daemon.h> +#endif + #include "xmalloc.h" #include "ssh.h" #include "ssh1.h" 
@@ -2117,6 +2121,11 @@ main(int ac, char **av) unsetenv("SSH_SIGSTOP"); } +#ifdef HAVE_SYSTEMD + /* Signal systemd that we are ready to accept connections */ + sd_notify(0, "READY=1"); +#endif + /* Accept a connection and return in a forked child */ server_accept_loop(&sock_in, &sock_out, &newsock, config_s);
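Review bot: In the configure.ac AC_ARG_WITH(systemd, ...) block, an explicit --with-systemd falls through silently when pkg-config is missing or when `$PKGCONFIG --exists libsystemd` fails. SYSTEMD_MSG stays "no" and HAVE_SYSTEMD is never defined, so the build succeeds but the resulting sshd never sends READY=1, and under a Type=notify unit that reproduces the start timeout this patch is meant to fix. Suggest calling AC_MSG_ERROR after `AC_MSG_RESULT([no])` and adding an else branch with the same error to `if test "$PKGCONFIG" != "no"`, so a missing libsystemd development package fails at configure time instead of at service start.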
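Review bot: The `sd_notify(0, "READY=1");` call added to main() in sshd.c discards its return value, so a notification that could not be delivered leaves no trace in the sshd log. sd_notify() returns a negative value on error; suggest checking for that and logging it with error() or debug(), because under Type=notify a lost READY=1 ends with systemd terminating a daemon that is already listening.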
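The readiness handshake behind `Type=notify`, as an added example that is not part of the original answer or of OpenSSH: systemd passes a socket path in `NOTIFY_SOCKET` and waits for a `READY=1` datagram, which a build without the patch never sends. `supervise`, `patched_sshd` and `unpatched_sshd` are hypothetical stand-ins, and the 0.5 s timeout stands in for the 90 s gap visible in the question's log.

```python
import os
import socket
import tempfile


def sd_notify(state, env=os.environ):
    """Send a state string to the datagram socket named in NOTIFY_SOCKET.

    Returns False when NOTIFY_SOCKET is unset (the process was not started
    from a Type=notify unit), True once the datagram has been sent.
    """
    path = env.get("NOTIFY_SOCKET")
    if not path:
        return False
    if path.startswith("@"):  # abstract-namespace socket on Linux
        path = "\0" + path[1:]
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as s:
        s.sendto(state.encode(), path)
    return True


def supervise(daemon, timeout=0.5):
    """Toy model of the service manager's start logic for Type=notify."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "notify")
        with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as srv:
            srv.bind(path)
            srv.settimeout(timeout)
            daemon({"NOTIFY_SOCKET": path})  # "start" the service
            try:
                while True:
                    msg = srv.recv(4096).decode()
                    if "READY=1" in msg.split("\n"):
                        return "started"
            except socket.timeout:
                # The real manager would now terminate and restart the unit.
                return "timeout"


def patched_sshd(env):
    # Listening sockets are bound, then readiness is announced.
    sd_notify("READY=1", env)


def unpatched_sshd(env):
    # Binds and serves connections, but never writes to NOTIFY_SOCKET.
    pass


if __name__ == "__main__":
    print("patched:  ", supervise(patched_sshd))
    print("unpatched:", supervise(unpatched_sshd))
```
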