[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#751636: Severity bump

Marc Haber <mh+debian-bugs@zugschlus.de> writes:

> I _want_ to switch to systemd. Before I do so, I'd like to get rid of
> some nuisances. Nuisances are not the side effect of switching to
> systemd, they are the side effect of every switch that is done. Most
> software projects deal with those reports professionally without
> taking the critique personally.

On the point of your last sentence, please note that no one who has
commented on this bug to date (including both Christoph and I) are
involved in development of either systemd, openssh, or the Debian
packaging of either.  This is all just the peanut gallery.  :)

Personally, I would be happy to see this bug fixed; I just don't consider
it to be of important severity, since I routinely see the same behavior
when shutting down servers right now, in wheezy, using sysvinit.  I don't
have a good explanation for why you haven't seen this behavior under
sysvinit, but for me it's not a regression, and Christoph's proposed fix
*would* have been a regression, which is why I spoke up just to defend my
own interests.  :)  If the problem can be resolved without regressing,
that would be a clear improvement and I'm all in favor of that.  Whether
it's important enough to go into the next release is, fundamentally, the
call of the release managers, not any of the peanut gallery debating it on
this thread.  And, of course, we need a fix first before we can even talk
about whether it can go into the release.

Given that this bothers you, I'd love to see a fix, since I don't like
seeing people running into undesired behavior!  I'm just not sure how best
to fix it.  The best idea that I can think of is a separate unit that
doesn't run on upgrades but that runs on shutdown prior to the network
being shut down and kills all the ssh child processes.

Note, on a point you made in one of your other messages, that I don't
think systemd can use cgroups to cleanly shut this down because systemd
explicitly uses KillMode=process for sshd precisely to avoid killing the
child processes.  One needs to use one KillMode on a regular shutdown and
a different one when shutting down the system, which is what makes this
tricky.

To answer another question elsewhere in this thread, the ssh@.service runs
sshd inetd-style, with a separate sshd for each incoming connection.
ssh.service (the default) runs it in traditional daemon mode.  Both are
provided so that the local system administrator can switch to inetd-style
if they wish (usually for systems with minimal resources that don't want
to have another long-running daemon), but I believe only ssh.service is
enabled by default.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
Reply to: