Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade

To: 832155@bugs.debian.org
Subject: Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
From: Michael Biebl <biebl@debian.org>
Date: Sun, 24 Jul 2016 18:15:58 +0200
Message-id: <[🔎] 8a4104c6-d351-c81b-7ed0-6d79b050cb0d@debian.org>
Reply-to: Michael Biebl <biebl@debian.org>, 832155@bugs.debian.org
In-reply-to: <[🔎] 20160724154757.GF21507@riva.ucam.org>
References: <[🔎] 146923050430.21395.956098162471835397.reportbug@pluto.milchstrasse.xx> <[🔎] 20160723102949.GE21507@riva.ucam.org> <[🔎] 8204bd71-12e0-1f4e-497c-5ef7fed8e1b9@debian.org> <[🔎] 20160724154757.GF21507@riva.ucam.org>

Am 24.07.2016 um 17:47 schrieb Colin Watson:
> On Sun, Jul 24, 2016 at 01:38:25AM +0200, Michael Biebl wrote:

>> I referenced in my other reply that the network.target ordering has just
>> been added recently (in v230). So it is possible that previously there
>> was still an issue on shutdown. This is fixed now.
> 
> Do you plan to update jessie with this fix? 

I can do that. Unfortunately I've already filed the jessie-pu bug for
systemd a couple of hours ago (#832336, for 8.6), but I could update the
pu request accordingly.
I see what I can do, otherwise it will be in the next stable point
release, i.e 8.7

> dependencies.  Unfortunately there's no good way to say "Depends:
> libpam-systemd, but only if systemd is pid 1".

Right, we do not have conditional Depends. But since sysvinit-core is
the only existing alternative in stretch, we could use Depends:
libpam-systemd | sysvinit-core. It's slighly ugly but would probably do
the trick.

> It's unfortunate that we don't have a good way to simply be able to
> assume that all systemd users have libpam-systemd installed, which is
> what I'd really prefer to be able to do here.

I am more and more inclined that we should simply make libpam-systemd a
hard dependency of either systemd or systemd-sysv.

>> Please disable the ssh-session-cleanup.service hack by default if you
>> don't want to remove it. Or better, ship it as an example file.
> 
> Compromise proposal: how about I make it do nothing if libpam-systemd is
> installed (e.g. "ConditionPathExists=!/usr/share/pam-configs/systemd",
> which is probably the simplest available check without needing to deal
> with multiarch paths), in which case presumably the hack isn't needed?
> (For backports to jessie, such a check would need to be deleted, unless
> you plan to backport the ordering fix as requested above.)

I'm still pretty much convinced that a hack like this should not be
shipped by default, which is totally unnecessary for a default
installation. It set's a wrong precedent.
If we start piling up hacks like this, in 10 years we are back at that
mess that sysvinit has become.

Regards,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

References:
- Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
  - From: Michael Biebl <biebl@debian.org>
- Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
  - From: Colin Watson <cjwatson@debian.org>
- Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
  - From: Michael Biebl <biebl@debian.org>
- Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: openssh_6.7p1-5+deb8u3_amd64.changes ACCEPTED into proposed-updates->stable-new
Next by Date: Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
Previous by thread: Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
Next by thread: Bug#832155: New ssh-session-cleanup.service kills ssh user session during upgrade
Index(es):
- Date
- Thread