
Bug#751636: openssh-server: ssh sessions are not cleanly termined on shutdown/restart with systemd



On Sat, 2014-12-13 at 15:06 +0100, Marc Haber wrote: 
> /lib/systemd/system/ssh.service in current sid has
> "After=network.target" in its Unit stanza and still not cleanly kills
> off ssh sessions.
Since the ssh.service unit file only starts the listener daemons and not
the sessions, nor explicitly stops the session processes... this is
absolutely expected behaviour.


> There is also /lib/systemd/system/ssh@.service which seems to be
> contrary to /lib/systemd/system/ssh.service which I do not understand.
I guess it should be easy to find out what this is about; in any case,
explaining systemd functionality doesn't belong in this bug.




On Sat, 2014-12-13 at 15:10 +0100, Marc Haber wrote:
> That would be the systemd way to do it
No, it would be the way to improve things when they were done wrong in
the past... which you've always had during the whole history of UNIX,
and which doesn't contradict any of UNIX' paradigms like "small is
nice" and the like either.

> and instantly spawn a new hate
> wave. After all, it was systemd locking people out of their headless,
> remote systems during an urgent security update.
Since such behavioural change wouldn't depend on the initsystem, just
stubborn people who annoy us with their systemd FUD and hatred anyway
would do so...




On Sat, 2014-12-13 at 15:16 +0100, Marc Haber wrote:
> Do I understand correctly, that ssh in jessie/sid allows the local
> admin to run sshd as a traditional daemon, with the new (undesired)
> behavior, or as a systemd service with socket activation, which
> gives a better emulation of traditional behavior?
No, you don't understand correctly.
In daemon mode, the "new" behaviour is a bug, reported in this very
ticket.
In socket mode, each session is controlled by what compares to the
listener daemon (i.e. the process which is directly managed by systemd),
therefore one gets the fix for free, as this process is stopped by
systemd.


> If this is really seriously meant that way, people will see this as a
> conspiracy to coax people into using socket activation.
There is no conspiracy, the default mode of ssh is still the
daemon-based one.
