
Bug#512209: marked as done (Please don't touch sshd from interfaces-up)



Your message dated Tue, 2 Dec 2025 10:44:32 +0000
with message-id <aS7DEEfe_f4iAbzb@riva.ucam.org>
and subject line Re: Bug#512209: Please don't touch sshd from interfaces-up
has caused the Debian Bug report #512209,
regarding Please don't touch sshd from interfaces-up
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
512209: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512209
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: openssh-server
Version: 1:5.1p1-5

| * Check that /var/run/sshd.pid exists and that the process ID listed there
|   corresponds to sshd before running '/etc/init.d/ssh reload' from if-up
|   script; SIGHUP is racy if called at boot before sshd has a chance to
|   install its signal handler, but fortunately the pid file is written
|   after that which lets us avoid the race (closes: #502444).
| * While the above is a valuable sanity-check, it turns out that it doesn't
|   really fix the bug (thanks to Kevin Price for testing), so for the
|   meantime we'll just use '/etc/init.d/ssh restart', even though it is
|   unfortunately heavyweight.

Why restart it at all?  There's little point in the default
configuration where sshd listens on INADDR_ANY.

At least make it configurable and don't mess with it from interfaces by
default.

Thanks
-- 
                           |  .''`.  ** Debian GNU/Linux **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/



--- End Message ---
--- Begin Message ---
Source: openssh
Source-Version: 1:7.9p1-1

On Sun, Jan 18, 2009 at 05:59:18PM +0100, Peter Palfrader wrote:
> Package: openssh-server
> Version: 1:5.1p1-5
>
> | * Check that /var/run/sshd.pid exists and that the process ID listed there
> |   corresponds to sshd before running '/etc/init.d/ssh reload' from if-up
> |   script; SIGHUP is racy if called at boot before sshd has a chance to
> |   install its signal handler, but fortunately the pid file is written
> |   after that which lets us avoid the race (closes: #502444).
> | * While the above is a valuable sanity-check, it turns out that it doesn't
> |   really fix the bug (thanks to Kevin Price for testing), so for the
> |   meantime we'll just use '/etc/init.d/ssh restart', even though it is
> |   unfortunately heavyweight.
>
> Why restart it at all?  There's little point in the default
> configuration where sshd listens on INADDR_ANY.
>
> At least make it configurable and don't mess with it from interfaces by
> default.

Fixed some time ago:

openssh (1:7.9p1-1) unstable; urgency=medium

  [...]
  * Remove /etc/network/if-up.d/openssh-server, as it causes more problems
    than it solves (thanks, Christian Ehrhardt, Andreas Hasenack, and David
    Britton; closes: #789532, LP: #1037738, #1674330, #1718227).  Add an
    "if-up hook removed" section to README.Debian documenting the corner
    case that may need configuration adjustments.

 -- Colin Watson <cjwatson@debian.org>  Sun, 21 Oct 2018 10:39:24 +0100

Thanks,

--
Colin Watson (he/him)                              [cjwatson@debian.org]

--- End Message ---
