Hi Guillaume, Guillaume Delacour a écrit , Le 15/07/2014 02:18: > Le dimanche 02 mars 2014 à 22:35 +0100, Gilles Filippini a écrit : >> I've just switched to systemd as init system on my box, and after rebbot >> sslh wasn't running. From what I understand the cause of the failure is >> a missing /var/run/sslh directory. >> >> After adding the settings below to the sslh.service file, I can start it >> manually using invoke-rc.d but it keeps failing at boot time: >> ExecStartPre=/bin/mkdir -p /var/run/sslh >> ExecStartPre=/bin/chown -R sslh:sslh /var/run/sslh/ > > Instead, i can propose to use a /usr/lib/tmpfiles.d/sslh.conf file like > this: > > d /run/sslh 0755 sslh sslh - > > I'll test this soon, but maybe you'll test this before me.
I've just tested it, and it is not enough. AIUI it is because I redirect SSL requests to an external site (linuxfr.org) and the network isn't available when sslh starts. Here is the trace from journalctl: juil. 23 03:32:50 pini sslh[3149]: Name or service not known `linuxfr.org:443' juil. 23 03:32:50 pini sslh[3149]: Name or service not known `linuxfr.org' juil. 23 03:32:50 pini systemd[1]: sslh.service: main process exited, code=exited, status=4/NOPERMISSION juil. 23 03:32:50 pini systemd[1]: Unit sslh.service entered failed state. The very same failure occurs when I start sslh manualy with the network wire unplugged. For now I've replaced this sslh.service line: After=network.target with After=multi-user.target to give more time to the network configuration. But IMO sslh shouldn't fail when the network is down, just like other standard network daemons do (sshd, httpd, ...). Thanks, _g.
signature.asc
Description: OpenPGP digital signature
