Bug#872978: openssh-server: /run/sshd not created if ssh.socket is enabled

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#872978: openssh-server: /run/sshd not created if ssh.socket is enabled
From: Sven Joachim <svenjoac@gmx.de>
Date: Wed, 23 Aug 2017 10:29:39 +0200
Message-id: <[🔎] 871so2znyk.fsf@turtle.gmx.de>
Reply-to: Sven Joachim <svenjoac@gmx.de>, 872978@bugs.debian.org

Package: openssh-server
Version: 1:7.5p1-6
Severity: important

I am using ssh.socket rather than ssh.server to start the daemon on
demand, and in this situation /run/sshd is not created, leading to
refused connections.

To fix that, I added the RuntimeDirectory=sshd to ssh@.service.  This
seems to work, although the behavior is a bit strange: as soon as a
connection closes, the /run/sshd directory will be removed, even if
other connections are still active.  But the directory only needs to
exist during the pre-authentication phase, if I read README.privsep
correctly.


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.12.8-nouveau (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-server depends on:
ii  adduser              3.116
ii  debconf              1.5.63
ii  dpkg                 1.19.0
ii  init-system-helpers  1.49
ii  libaudit1            1:2.7.7-1+b2
ii  libc6                2.24-14
ii  libcomerr2           1.43.5-1
ii  libgssapi-krb5-2     1.15.1-2
ii  libkrb5-3            1.15.1-2
ii  libpam-modules       1.1.8-3.6
ii  libpam-runtime       1.1.8-3.6
ii  libpam0g             1.1.8-3.6
ii  libselinux1          2.6-3+b2
ii  libssl1.0.2          1.0.2l-2
ii  libsystemd0          234-2
ii  libwrap0             7.6.q-26
ii  lsb-base             9.20161125
ii  openssh-client       1:7.5p1-6
ii  openssh-sftp-server  1:7.5p1-6
ii  procps               2:3.3.12-3
ii  ucf                  3.0036
ii  zlib1g               1:1.2.8.dfsg-5

Versions of packages openssh-server recommends:
ii  libpam-systemd  234-2
ii  ncurses-term    6.0+20170715-2
ii  xauth           1:1.0.9-1+b2

Versions of packages openssh-server suggests:
pn  molly-guard   <none>
pn  monkeysphere  <none>
pn  rssh          <none>
pn  ssh-askpass   <none>
pn  ufw           <none>

-- debconf information:
  ssh/vulnerable_host_keys:
  ssh/encrypted_host_key_but_no_keygen:
  ssh/disable_cr_auth: false
* ssh/use_old_init_script: true
  openssh-server/permit-root-login: true

-- debsums errors found:
debsums: changed file /lib/systemd/system/ssh@.service (from openssh-server package)

Reply to:

Follow-Ups:
- Bug#872978: marked as done (openssh-server: /run/sshd not created if ssh.socket is enabled)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#872976: openssh-server: /lib/systemd/system/ssh.service:17: Unknown lvalue 'RuntimeDirectoryModes' in section 'Service'
Next by Date: Processing of openssh_7.5p1-7_source.changes
Previous by thread: Bug#872976: marked as done (openssh-server: /lib/systemd/system/ssh.service:17: Unknown lvalue 'RuntimeDirectoryModes' in section 'Service')
Next by thread: Bug#872978: marked as done (openssh-server: /run/sshd not created if ssh.socket is enabled)
Index(es):
- Date
- Thread