--- Begin Message ---
Package: openssh-server
Version: 1:8.0p1-4
Severity: wishlist
Tags: patch
Dear Maintainer,
here is a patch to add support for Runit initialization system.
While writing the runscript I took a look at both the old sysv script
and systemd unit. The sysv script has two tests that I omitted in
the runscript
> ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
>if [ ! -c /dev/null ]; then
> ....
I'm not sure, are those still relevant?
Also, note that the 'since=1:8.0p1-5' option in the openssh-server.runit file
should match the version that actually adds the runscript.
the git patch is attached, and there is also a MR on salsa
https://salsa.debian.org/ssh-team/openssh/merge_requests/7
If you need more details please ask
Thanks,
Lorenzo
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: runit (via /run/runit.stopit)
Versions of packages openssh-server depends on:
ii adduser 3.118
ii debconf [debconf-2.0] 1.5.73
ii dpkg 1.19.7
ii libaudit1 1:2.8.5-2
ii libc6 2.28-10
ii libcom-err2 1.45.3-3
ii libgssapi-krb5-2 1.17-6
ii libkrb5-3 1.17-6
ii libpam-modules 1.3.1-5
ii libpam-runtime 1.3.1-5
ii libpam0g 1.3.1-5
ii libselinux1 2.9-2
ii libssl1.1 1.1.1c-1
pn libsystemd0 <none>
ii libwrap0 7.6.q-28
ii lsb-base 10.2019051400
ii openssh-client 1:8.0p1-4
ii openssh-sftp-server 1:8.0p1-4
ii procps 2:3.3.15-2
ii runit-helper 2.8.13.2
ii ucf 3.0038+nmu1
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages openssh-server recommends:
ii libpam-elogind-compat [libpam-systemd] 1.3
ii ncurses-term 6.1+20190713-2
ii xauth 1:1.0.10-1
Versions of packages openssh-server suggests:
ii lxqt-openssh-askpass [ssh-askpass] 0.14.1-1
pn molly-guard <none>
pn monkeysphere <none>
pn rssh <none>
pn ufw <none>
-- debconf information excluded
>From 8a2040f54e832dd589dbf0cb62ffaee28e6dee7a Mon Sep 17 00:00:00 2001
From: Lorenzo Puliti <lorenzo.ru.g@gmail.com>
Date: Mon, 5 Aug 2019 20:24:41 +0200
Subject: [PATCH] Add a runscript for runit
Add a 'run' and a 'finish' script for runit init system;
rely on dh-runit for maintscript code.
---
debian/control | 2 ++
debian/openssh-server.runit | 1 +
debian/openssh-server.ssh.runscript/finish | 16 ++++++++++++++++
debian/openssh-server.ssh.runscript/run | 20 ++++++++++++++++++++
debian/rules | 2 +-
5 files changed, 40 insertions(+), 1 deletion(-)
create mode 100644 debian/openssh-server.runit
create mode 100644 debian/openssh-server.ssh.runscript/finish
create mode 100644 debian/openssh-server.ssh.runscript/run
diff --git a/debian/control b/debian/control
index c690df075..eab4e2b6e 100644
--- a/debian/control
+++ b/debian/control
@@ -19,6 +19,7 @@ Build-Depends: autotools-dev,
libwrap0-dev | libwrap-dev,
pkg-config,
zlib1g-dev (>= 1:1.2.3),
+ dh-runit(>=2.8.8),
Standards-Version: 4.1.0
Uploaders: Colin Watson <cjwatson@debian.org>,
Matthew Vernon <matthew@debian.org>,
@@ -92,6 +93,7 @@ Conflicts: sftp,
Replaces: openssh-client (<< 1:7.9p1-8),
ssh,
ssh-krb5,
+Breaks: ${runit:Breaks}
Suggests: molly-guard,
monkeysphere,
rssh,
diff --git a/debian/openssh-server.runit b/debian/openssh-server.runit
new file mode 100644
index 000000000..cb659a00b
--- /dev/null
+++ b/debian/openssh-server.runit
@@ -0,0 +1 @@
+debian/openssh-server.ssh.runscript logscript,name=ssh,since=1:8.0p1-5
diff --git a/debian/openssh-server.ssh.runscript/finish b/debian/openssh-server.ssh.runscript/finish
new file mode 100644
index 000000000..7e29ef1db
--- /dev/null
+++ b/debian/openssh-server.ssh.runscript/finish
@@ -0,0 +1,16 @@
+#!/bin/sh
+set -e
+
+NAME=ssh
+
+[ $1 = -1 ] && echo "runsv: ERROR in $NAME: unexpected error or wrong sh syntax"
+# no need to stop the service here, runsv will stop trying after the first attempt
+
+[ $1 = 161 ] && echo "runsv: ERROR $1 in $NAME: disabled by local settings" \
+ && sv d $(dirname $0) && exit 0
+
+[ $1 = 162 ] && echo "runsv: ERROR $1 in $NAME: configtest or early setup failed" \
+ && sv d $(dirname $0) && exit 0
+
+echo "$NAME Stopped"
+
diff --git a/debian/openssh-server.ssh.runscript/run b/debian/openssh-server.ssh.runscript/run
new file mode 100644
index 000000000..f9b08a871
--- /dev/null
+++ b/debian/openssh-server.ssh.runscript/run
@@ -0,0 +1,20 @@
+#!/usr/bin/env /lib/runit/invoke-run
+set -e
+
+NAME="ssh"
+
+sv start auditd || sv check auditd || true
+
+# don't start if 'sshd_not_to_be_start' exists
+test -e /etc/ssh/sshd_not_to_be_run && exit 161
+
+#Create /run/sshd
+test -d /run/sshd || mkdir /run/sshd && chmod 0755 /run/sshd
+
+exec 2>&1
+
+#Config test
+/usr/sbin/sshd -t || exit 162
+
+echo "Starting $NAME..."
+exec /usr/sbin/sshd -D -e $SSHD_OPTS
diff --git a/debian/rules b/debian/rules
index 550306d4f..4208569e2 100755
--- a/debian/rules
+++ b/debian/rules
@@ -106,7 +106,7 @@ confflags += --with-ldflags='$(strip -Wl,--as-needed $(LDFLAGS))'
confflags_udeb += --with-ldflags='-Wl,--as-needed'
%:
- dh $@ --with=autoreconf,systemd
+ dh $@ --with=autoreconf,systemd,runit
autoreconf:
autoreconf -f -i
--
2.23.0.rc1
--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:8.0p1-5
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 933999@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 27 Aug 2019 15:18:54 +0100
Source: openssh
Architecture: source
Version: 1:8.0p1-5
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Closes: 933999
Changes:
openssh (1:8.0p1-5) unstable; urgency=medium
.
[ Lorenzo Puliti ]
* Add a runscript for runit (closes: #933999).
Checksums-Sha1:
69d5006571941b80a9e85ef5b4bba56adee350ec 3316 openssh_8.0p1-5.dsc
1d07ad1f1155c6da98c12d850a961bc7f15b165f 171496 openssh_8.0p1-5.debian.tar.xz
Checksums-Sha256:
e30fde2d082ccce3009cf39e4e76393b7a6fedde857507e9827832b84a5f6d6a 3316 openssh_8.0p1-5.dsc
4936595de8e37c56cfc752ff5e7fe78be690d537a396d215b218791dfcbd4da2 171496 openssh_8.0p1-5.debian.tar.xz
Files:
fa22a1da71235af3e12c28a14b772c68 3316 net standard openssh_8.0p1-5.dsc
767129c7a3e4919e923c5408a79f5015 171496 net standard openssh_8.0p1-5.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAl1lPAIACgkQOTWH2X2G
UAsziw//YWzhkVO3Fdm03PFbslmAIcUjxafYoI19HVKqvtkL26A61BaaBhKx0nV4
3dqFa0wZSaB0rpFyi/aebCV+nC0FZTIBjahRItzq46SZFM3dp9CCtHplQE4JV9kV
cVUsq9sULOEzrV5N0Ebm6VX5/C5UMQq3f4dPOht7Qd5R3wTJWmGJxpnOkyeA7vst
nT+slUEuvIWtHTknr92dBqgpX3ApS+wOsyHh6+mi9zYbtkKkbE2R51hF8O2h9XRm
lAFpPMK6XTwQsL7XzA64swgL8PsfrbmkZqgL5IqH/5WFzSbv4jYwfTETLPp88m4L
y9AZRWhComrMZGZN3xjg4a+AH7YTk3A+li/96tAlmsW8EA4CYgoyutZq3IMwkqHW
/ZMx52w6+ufEr+G/RxfuLQ6yhHUFfsn0wGT/gVbYhphcoRun58JfMbwEcVaL1+Vi
obUShfTJUNlB8vNzKCDCgSrP4Fs/MxWYoVehhZCZ1cDLOm1ooX8w2Y+xh99QWw3w
cgCXm5U6wGFFclIKzHZmTz/IVru3HgAmfIX1pTaYpA4Obsjf6nFz/vRCsY5yPu+X
KJntTDxoYJdoPVYJiLhdgLLF9GHJrd4EohhFqdeI66yZvE44ZMCu5kXSWEoJxXZ3
Zoc9qHrZcdNFSeTBb2r68hWNDS5cqlmAv9tG01RsAklfqkDV8Lk=
=kz/E
-----END PGP SIGNATURE-----
--- End Message ---