[Bug 1814124] Re: sshd does not start after update
Christian Ehrhardt
1814124 at bugs.launchpad.net
Mon Feb 4 07:31:51 UTC 2019
I took a fresh Xenial (daily) as well as a Xenial of the release day and ran the commands:
$ apt-get clean && apt-get autoclean && apt-get autoremove && apt-get update && apt-get upgrade && apt-get dist-upgrade && reboot
Obviously the updated different amounts of packages, but none did break
the permissions of /var/run/sshd.
I wonder if the issue is in the OpenVZ 6 template that you use as that
seems to be the only difference that remains. I wonder if you'd have any
chance to do that in LXD or a KVM Guest as a comparison?
I downloaded the template from [1] and didn't find anythig obvious.
But after all /var/run is actually /run and that is a tmpfs mount - so after a reboot nothing of the former run should be there. It should only contain things created since boot.
I wondered what exactly will recreate that path.
It isn't the service itself as that fails:
$ systemctl stop sshd
$ rm -rf /run/sshd/
$ /usr/sbin/sshd -t
Missing privilege separation directory: /var/run/sshd
(The service behaves the same on start, so something else must have created the path)
After a reboot it is there and has the correct permissions.
The old sysV inint script at /etc/init.d/ssh:71 would have done that, but in systemd that should no more run. Here it is created by systemd-tmpfiles:
You should have a file like:
$ cat /usr/lib/tmpfiles.d/sshd.conf
d /var/run/sshd 0755 root root
That will make systemd to prepare the directory as it should be on every
boot.
Maybe something in that regard is broken on your openVZ container or template?
Please check:
1. is /var/run a symlink to /run
2. is /run a tmpfs mount
3. is /usr/lib/tmpfiles.d/sshd.conf existing and has the content I have shown?
4. if /var/run/sshd is not correct boot run `systemd-tmpfiles --create` is it created (or permissions fixed)?
[1]: https://wiki.openvz.org/Download/template/precreated
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1814124
Title:
sshd does not start after update
Status in openssh package in Ubuntu:
Incomplete
Bug description:
After processing system update by:
apt-get clean && apt-get autoclean && apt-get autoremove && apt-get update && apt-get upgrade && apt-get dist-upgrade && reboot
ssh server stops starting at system boot.
It starts after doing:
mkdir /var/run/sshd
chmod 0755 /var/run/sshd
service ssh start
It happens on fresh Ubuntu-16.04 installs on every VPS provide I have
tested so far.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: openssh-server 1:7.2p2-4ubuntu2.6
Uname: Linux 2.6.32-042stab127.2 x86_64
ApportVersion: 2.20.1-0ubuntu2.18
Architecture: amd64
Date: Thu Jan 31 10:18:56 2019
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
SSHDConfig: Error: command ['/usr/sbin/sshd', '-T'] failed with exit code 255: Missing privilege separation directory: /var/run/sshd
SourcePackage: openssh
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1814124/+subscriptions
More information about the foundations-bugs
mailing list