[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#933999: marked as done (openssh-server: please provide a runscript for runit)

Your message dated Tue, 27 Aug 2019 15:02:32 +0000
with message-id <E1i2czQ-000BFB-8X@fasolo.debian.org>
and subject line Bug#933999: fixed in openssh 1:8.0p1-5
has caused the Debian Bug report #933999,
regarding openssh-server: please provide a runscript for runit
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
933999: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933999
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: openssh-server
Version: 1:8.0p1-4
Severity: wishlist
Tags: patch

Dear Maintainer,
    
here is a patch to add support for Runit initialization system.
While writing the runscript I took a look at both the old sysv script 
and systemd unit. The sysv script has two tests that I omitted in
the runscript 

> ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0


>if [ ! -c /dev/null ]; then
> ....

I'm not sure, are those still relevant?
Also, note that the 'since=1:8.0p1-5' option in the openssh-server.runit file 
should match the version that actually adds the runscript. 

the git patch is attached, and there is also a MR on salsa
https://salsa.debian.org/ssh-team/openssh/merge_requests/7

If you need more details please ask

Thanks,
Lorenzo


-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: runit (via /run/runit.stopit)

Versions of packages openssh-server depends on:
ii  adduser                3.118
ii  debconf [debconf-2.0]  1.5.73
ii  dpkg                   1.19.7
ii  libaudit1              1:2.8.5-2
ii  libc6                  2.28-10
ii  libcom-err2            1.45.3-3
ii  libgssapi-krb5-2       1.17-6
ii  libkrb5-3              1.17-6
ii  libpam-modules         1.3.1-5
ii  libpam-runtime         1.3.1-5
ii  libpam0g               1.3.1-5
ii  libselinux1            2.9-2
ii  libssl1.1              1.1.1c-1
pn  libsystemd0            <none>
ii  libwrap0               7.6.q-28
ii  lsb-base               10.2019051400
ii  openssh-client         1:8.0p1-4
ii  openssh-sftp-server    1:8.0p1-4
ii  procps                 2:3.3.15-2
ii  runit-helper           2.8.13.2
ii  ucf                    3.0038+nmu1
ii  zlib1g                 1:1.2.11.dfsg-1

Versions of packages openssh-server recommends:
ii  libpam-elogind-compat [libpam-systemd]  1.3
ii  ncurses-term                            6.1+20190713-2
ii  xauth                                   1:1.0.10-1

Versions of packages openssh-server suggests:
ii  lxqt-openssh-askpass [ssh-askpass]  0.14.1-1
pn  molly-guard                         <none>
pn  monkeysphere                        <none>
pn  rssh                                <none>
pn  ufw                                 <none>

-- debconf information excluded

>From 8a2040f54e832dd589dbf0cb62ffaee28e6dee7a Mon Sep 17 00:00:00 2001
From: Lorenzo Puliti <lorenzo.ru.g@gmail.com>
Date: Mon, 5 Aug 2019 20:24:41 +0200
Subject: [PATCH] Add a runscript for runit

Add a 'run' and a 'finish' script for runit init system;
rely on dh-runit for maintscript code.
---
 debian/control                             |  2 ++
 debian/openssh-server.runit                |  1 +
 debian/openssh-server.ssh.runscript/finish | 16 ++++++++++++++++
 debian/openssh-server.ssh.runscript/run    | 20 ++++++++++++++++++++
 debian/rules                               |  2 +-
 5 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 debian/openssh-server.runit
 create mode 100644 debian/openssh-server.ssh.runscript/finish
 create mode 100644 debian/openssh-server.ssh.runscript/run

diff --git a/debian/control b/debian/control
index c690df075..eab4e2b6e 100644
--- a/debian/control
+++ b/debian/control
@@ -19,6 +19,7 @@ Build-Depends: autotools-dev,
                libwrap0-dev | libwrap-dev,
                pkg-config,
                zlib1g-dev (>= 1:1.2.3),
+               dh-runit(>=2.8.8),
 Standards-Version: 4.1.0
 Uploaders: Colin Watson <cjwatson@debian.org>,
            Matthew Vernon <matthew@debian.org>,
@@ -92,6 +93,7 @@ Conflicts: sftp,
 Replaces: openssh-client (<< 1:7.9p1-8),
           ssh,
           ssh-krb5,
+Breaks: ${runit:Breaks}
 Suggests: molly-guard,
           monkeysphere,
           rssh,
diff --git a/debian/openssh-server.runit b/debian/openssh-server.runit
new file mode 100644
index 000000000..cb659a00b
--- /dev/null
+++ b/debian/openssh-server.runit
@@ -0,0 +1 @@
+debian/openssh-server.ssh.runscript logscript,name=ssh,since=1:8.0p1-5
diff --git a/debian/openssh-server.ssh.runscript/finish b/debian/openssh-server.ssh.runscript/finish
new file mode 100644
index 000000000..7e29ef1db
--- /dev/null
+++ b/debian/openssh-server.ssh.runscript/finish
@@ -0,0 +1,16 @@
+#!/bin/sh
+set -e
+
+NAME=ssh
+
+[ $1 = -1 ] && echo "runsv: ERROR in $NAME: unexpected error or wrong sh syntax"
+# no need to stop the service here, runsv will stop trying after the first attempt
+
+[ $1 = 161 ] && echo "runsv: ERROR $1 in $NAME: disabled by local settings" \
+     && sv d $(dirname $0) && exit 0
+
+[ $1 = 162 ] && echo "runsv: ERROR $1 in $NAME: configtest or early setup failed" \
+     && sv d $(dirname $0) && exit 0
+
+echo "$NAME Stopped"   
+
diff --git a/debian/openssh-server.ssh.runscript/run b/debian/openssh-server.ssh.runscript/run
new file mode 100644
index 000000000..f9b08a871
--- /dev/null
+++ b/debian/openssh-server.ssh.runscript/run
@@ -0,0 +1,20 @@
+#!/usr/bin/env /lib/runit/invoke-run
+set -e
+
+NAME="ssh"
+
+sv start auditd  || sv check auditd || true
+
+# don't start if 'sshd_not_to_be_start' exists
+test -e /etc/ssh/sshd_not_to_be_run && exit 161
+
+#Create /run/sshd
+test -d /run/sshd || mkdir /run/sshd && chmod 0755 /run/sshd
+
+exec 2>&1
+
+#Config test
+/usr/sbin/sshd -t || exit 162
+
+echo "Starting $NAME..."
+exec /usr/sbin/sshd -D -e $SSHD_OPTS
diff --git a/debian/rules b/debian/rules
index 550306d4f..4208569e2 100755
--- a/debian/rules
+++ b/debian/rules
@@ -106,7 +106,7 @@ confflags += --with-ldflags='$(strip -Wl,--as-needed $(LDFLAGS))'
 confflags_udeb += --with-ldflags='-Wl,--as-needed'
 
 %:
-	dh $@ --with=autoreconf,systemd
+	dh $@ --with=autoreconf,systemd,runit
 
 autoreconf:
 	autoreconf -f -i
-- 
2.23.0.rc1

--- End Message ---
--- Begin Message --- 
Source: openssh
Source-Version: 1:8.0p1-5

We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 933999@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 27 Aug 2019 15:18:54 +0100
Source: openssh
Architecture: source
Version: 1:8.0p1-5
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Closes: 933999
Changes:
 openssh (1:8.0p1-5) unstable; urgency=medium
 .
   [ Lorenzo Puliti ]
   * Add a runscript for runit (closes: #933999).
Checksums-Sha1:
 69d5006571941b80a9e85ef5b4bba56adee350ec 3316 openssh_8.0p1-5.dsc
 1d07ad1f1155c6da98c12d850a961bc7f15b165f 171496 openssh_8.0p1-5.debian.tar.xz
Checksums-Sha256:
 e30fde2d082ccce3009cf39e4e76393b7a6fedde857507e9827832b84a5f6d6a 3316 openssh_8.0p1-5.dsc
 4936595de8e37c56cfc752ff5e7fe78be690d537a396d215b218791dfcbd4da2 171496 openssh_8.0p1-5.debian.tar.xz
Files:
 fa22a1da71235af3e12c28a14b772c68 3316 net standard openssh_8.0p1-5.dsc
 767129c7a3e4919e923c5408a79f5015 171496 net standard openssh_8.0p1-5.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAl1lPAIACgkQOTWH2X2G
UAsziw//YWzhkVO3Fdm03PFbslmAIcUjxafYoI19HVKqvtkL26A61BaaBhKx0nV4
3dqFa0wZSaB0rpFyi/aebCV+nC0FZTIBjahRItzq46SZFM3dp9CCtHplQE4JV9kV
cVUsq9sULOEzrV5N0Ebm6VX5/C5UMQq3f4dPOht7Qd5R3wTJWmGJxpnOkyeA7vst
nT+slUEuvIWtHTknr92dBqgpX3ApS+wOsyHh6+mi9zYbtkKkbE2R51hF8O2h9XRm
lAFpPMK6XTwQsL7XzA64swgL8PsfrbmkZqgL5IqH/5WFzSbv4jYwfTETLPp88m4L
y9AZRWhComrMZGZN3xjg4a+AH7YTk3A+li/96tAlmsW8EA4CYgoyutZq3IMwkqHW
/ZMx52w6+ufEr+G/RxfuLQ6yhHUFfsn0wGT/gVbYhphcoRun58JfMbwEcVaL1+Vi
obUShfTJUNlB8vNzKCDCgSrP4Fs/MxWYoVehhZCZ1cDLOm1ooX8w2Y+xh99QWw3w
cgCXm5U6wGFFclIKzHZmTz/IVru3HgAmfIX1pTaYpA4Obsjf6nFz/vRCsY5yPu+X
KJntTDxoYJdoPVYJiLhdgLLF9GHJrd4EohhFqdeI66yZvE44ZMCu5kXSWEoJxXZ3
Zoc9qHrZcdNFSeTBb2r68hWNDS5cqlmAv9tG01RsAklfqkDV8Lk=
=kz/E
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: