I am running a simple service to tweak SSHD on first boot (the script is at the
bottom of this mail). This is on Debian Bookworm incase it makes any difference.
If I configure my service as:
[Unit]
Description=ITS Generate SSH Server Keys
Wants=ssh.service
Before=ssh.service
[Service]
ExecStart=/usr/bin/bash /path/to/script
Type=oneshot
[Install]
WantedBy=multi-user.target
It never completes. Logging into the server console, "dpkg-reconfigure" just
seems to sit there in the backround forever and so SSHD never gets
restarted/reloaded.
Meanwhile, if I change the [Service] definition to:
[Service]
ExecStart=/usr/bin/bash /path/to/script
RemainAfterExit=true
Type=exec
"dpkg-reconfigure" appears to do its job correctly, and as a result SSHD gets
restarted/reloaded, I can login via SSH and everything is great.
I just don't understand why its doing that.
Laura
My script:
#!/usr/bin/env bash
set -uo pipefail
HAS_RUN_FLAG="/path/to/my.flag"
if [[ ! -f "${HAS_RUN_FLAG}" ]];then
sed -i'' 's/^Subsystem\s*sftp/#&/' /etc/ssh/sshd_config
dpkg-reconfigure openssh-server
touch "${HAS_RUN_FLAG}"
fi
