Am 30.03.2015 um 01:17 schrieb Michael Biebl: > So I suggest using the Type=forking option but also setting > RestartPreventExitStatus=255 [1], since 255 seems to be the return code > on config errors and I don't think it makes sense to restart in that case. > > The resulting ssh.service would look like > > [Unit] > Description=OpenBSD Secure Shell server > After=network.target auditd.service > ConditionPathExists=!/etc/ssh/sshd_not_to_be_run > > [Service] > EnvironmentFile=-/etc/default/ssh > ExecStart=/usr/sbin/sshd $SSHD_OPTS > ExecReload=/bin/kill -HUP $MAINPID > KillMode=process > Restart=on-failure > Type=forking > PIDFile=/var/run/sshd.pid > RestartPreventExitStatus=255 > > [Install] > WantedBy=multi-user.target > Alias=sshd.service > > > With those changes, ssh.service ssems to behave "as expected" on failures.
I spoke too soon. As it turns out, sshd has a rather strange, or let's say broken, SIGHUP behaviour (when in daemon mode): It reexecs, i.e. changes its PID but doesn't write a new /var/run/sshd.pid. Since ssh runs reload in it's if-up.d hook under systemd, this will break make it break badly, since systemd will lose track of the sshd main process. Colin, any idea, why sshd behaves so strange on SIGHUP? -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
