[Bug 590275] Re: ssh init script doesn't use the /etc/default/ssh file

Pierfrancesco Caci pf at caci.it
Sat Jul 17 13:03:27 BST 2010


This is not just a wishlist. The package as it is now breaks expected behaviour 
(the one you get after 15 years of using /etc/init.d style startup scripts)
and is not properly documented in the obvious places (README.Debian, for example), with only a mention of 
this new behaviour buried in changelog.Debian.gz.

Furthermore, and most importantly, the daemon behaves differently if you
start it with old style init scripts, or with new style upstart commands:

# cat /etc/default/ssh | grep -v '#'
SSHD_OPTS='-p 11210'
SSHD_OOM_ADJUST=-17
# service ssh start
ssh start/running, process 23950
# lsof -n | grep LISTEN | grep ssh
sshd      23950       root    3u     IPv4           24579273      0t0        TCP                  *:ssh (LISTEN)
sshd      23950       root    4u     IPv6           24579275      0t0        TCP                  *:ssh (LISTEN)
# service ssh stop
ssh stop/waiting
# /etc/init.d/ssh start
 * Starting OpenBSD Secure Shell server sshd                             [ OK ] 
# lsof -n | grep LISTEN | grep ssh
sshd      23983       root    3u     IPv4           24589208      0t0        TCP                  *:11210 (LISTEN)
sshd      23983       root    4u     IPv6           24589210      0t0        TCP                   *:11210 (LISTEN)

This means that someone changing the configuration and restarting the daemon "the old way" will not find the daemon listening
on the intended port after a reboot.

The old style startup script should be modified to output a message
urging the user to change his habit to upstart commands. 

The /etc/default/ssh file should be modified to include a prominent warning
that the file itself is deprecated and not used by upstart anymore.

The package as it is now may cause a machine to become unreachable if an 
external firewall is configured to allow a certain non-standard port, while
the daemon starts listening on 22 because /etc/default/ssh is not used anymore.

Pf

-- 
ssh init script doesn't use the /etc/default/ssh file
https://bugs.launchpad.net/bugs/590275
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
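
A check for the drift this report describes, as an added example that is not part of the original message or of the openssh package: it compares the `-p` ports in `SSHD_OPTS` with the `Port` directives in `sshd_config` and warns when a port exists only in the defaults file. The function names and the constructed sample files are assumptions; the `Port=...` and `ListenAddress host:port` forms are not parsed.

```shell
#!/bin/sh
# Added example: flag sshd ports that are configured only in /etc/default/ssh.

# Ports requested with -p in SSHD_OPTS of a defaults file, one per line.
defaults_ports() {
    (   # subshell: variables from the sourced file must not leak to the caller
        [ -r "$1" ] || exit 0
        SSHD_OPTS=
        . "$1" 2>/dev/null || exit 0   # the file is shell syntax, so source it
        set -- $SSHD_OPTS
        while [ $# -gt 0 ]; do
            case "$1" in
                -p)   [ $# -ge 2 ] || break; echo "$2"; shift ;;
                -p?*) echo "${1#-p}" ;;
            esac
            shift
        done
    )
}

# Ports from "Port N" lines of an sshd_config; sshd defaults to 22 if none.
config_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1" 2>/dev/null)
    echo "${ports:-22}"
}

# usage: check_port_drift DEFAULTS_FILE SSHD_CONFIG
# Returns 1 if a -p port in the defaults file is missing from sshd_config.
check_port_drift() {
    drift=0
    cfg=$(config_ports "$2")
    for p in $(defaults_ports "$1"); do
        if ! echo "$cfg" | grep -qx "$p"; then
            echo "WARNING: port $p is set only in $1; without that file sshd listens on: $(echo $cfg)"
            drift=1
        fi
    done
    return $drift
}

# Constructed sample files that mirror the configuration in the report.
demo() {
    tmp=$(mktemp -d) || return 2
    printf "SSHD_OPTS='-p 11210'\nSSHD_OOM_ADJUST=-17\n" > "$tmp/default_ssh"
    printf '# Port 22\nPasswordAuthentication no\n' > "$tmp/sshd_config"
    check_port_drift "$tmp/default_ssh" "$tmp/sshd_config"; rc=$?
    rm -rf "$tmp"
    return $rc
}
demo || true
```

On a real host the call would be `check_port_drift /etc/default/ssh /etc/ssh/sshd_config`, run before a reboot or from a configuration audit.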


