Bug#502444: sshd fails at boot-time following reload by /etc/network/if-up.d/openssh-server presumably due to race condition
Package: openssh-server
Version: 1:5.1p1-3
Severity: important
The sshd on this server exits before the boot process in complete on approx 70% of boots on this machine - presumably due to a race condition. It
appears to die following the reload by /etc/network/if-up.d/openssh-server when the system is bringing up its network interfaces.
The same fault has been observed to occur at least once with the non-openvz standard 2.6.26-1 kernel.
The failure stops happening if:
.. 'reload' is changed to 'restart' in /etc/network/if-up.d/openssh-server
.. The debug level is increased in /etc/ssh/sshd_config (e.g. LogLevel VERBOSE, LogLevel DEBUG etc.)
Logging in on the console and issuing an "/etc/init.d/ssh restart" results in a message like "<PID Number> not running". The last message in
/var/log/auth.log is of the form:
Oct 16 14:58:19 xeon1 sshd[3065]: Server listening on :: port 22.
Oct 16 14:58:19 xeon1 sshd[3065]: Server listening on 0.0.0.0 port 22.
Oct 16 14:58:19 xeon1 sshd[3065]: Received SIGHUP; restarting.
No further messages are then logged by sshd, and nothing is listening on port 22:
On the occasions when the server reload work successfully, this is followed immediately by a message of the form:
Oct 16 <SAME TIME> xeon1 sshd[<NEWPID>]: Server listening on :: port 22.
Oct 16 <SAME TIME> xeon1 sshd[<NEWPID>]: Server listening on 0.0.0.0 port 22.
I'm speculating that reciving a SIGHUP at some point is sshd's normal restart process will cause it to fail to respawn (and that this is occuring
on this machine when the ifup occurs on eth0, and eth1 in quick succession). Unfortunately on this box at least, turning up debugging causes the
symptom to go away...
Thanks,
Tim.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-openvz-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-server depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii dpkg 1.14.22 Debian package management system
ii libc6 2.7-14 GNU C Library: Shared libraries
ii libcomerr2 1.41.2-1 common error description library
ii libkrb53 1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries
ii libpam-modules 1.0.1-4+b1 Pluggable Authentication Modules f
ii libpam-runtime 1.0.1-4 Runtime support for the PAM librar
ii libpam0g 1.0.1-4+b1 Pluggable Authentication Modules l
ii libselinux1 2.0.65-5 SELinux shared libraries
ii libssl0.9.8 0.9.8g-13 SSL shared libraries
ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
ii openssh-client 1:5.1p1-3 secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages openssh-server recommends:
pn openssh-blacklist-extra <none> (no description available)
pn xauth <none> (no description available)
Versions of packages openssh-server suggests:
pn molly-guard <none> (no description available)
pn rssh <none> (no description available)
pn ssh-askpass <none> (no description available)
-- debconf information:
ssh/vulnerable_host_keys:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/encrypted_host_key_but_no_keygen:
ssh/disable_cr_auth: false
Reply to: