O Ubuntu voltou a usar o systemd-way de informar o systemd quando ele foi iniciado. É óbvio pela opção Type=notify
, que torna impossível usar o OpenSSH sem a correção Systemd. Existem duas soluções possíveis:
-
Altere a linha
Type=notify
paraType=forking
e adicione uma nova linha comPIDFile=/var/run/sshd.pid
eExecStart
deve ser alterada para/usr/sbin/sshd $SSHD_OPTS
:Type=forking PIDFile=/var/run/sshd.pid ExecStart /usr/sbin/sshd $SSHD_OPTS
-
Crie seu OpenSSH com o patch Debian / Ubuntu:
From fe97848e044743f0bac019a491ddf0138f84e14a Mon Sep 17 00:00:00 2001
From: Michael Biebl <[email protected]>
Date: Mon, 21 Dec 2015 16:08:47 +0000
Subject: Add systemd readiness notification support
Bug-Debian: https://bugs.debian.org/778913
Forwarded: no
Last-Update: 2016-01-04
Patch-Name: systemd-readiness.patch
---
configure.ac | 24 ++++++++++++++++++++++++
sshd.c | 9 +++++++++
2 files changed, 33 insertions(+)
diff --git a/configure.ac b/configure.ac
index f822fb3..6cafb15 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4319,6 +4319,29 @@ AC_ARG_WITH([kerberos5],
AC_SUBST([GSSLIBS])
AC_SUBST([K5LIBS])
+# Check whether user wants systemd support
+SYSTEMD_MSG="no"
+AC_ARG_WITH(systemd,
+ [ --with-systemd Enable systemd support],
+ [ if test "x$withval" != "xno" ; then
+ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
+ if test "$PKGCONFIG" != "no"; then
+ AC_MSG_CHECKING([for libsystemd])
+ if $PKGCONFIG --exists libsystemd; then
+ SYSTEMD_CFLAGS='$PKGCONFIG --cflags libsystemd'
+ SYSTEMD_LIBS='$PKGCONFIG --libs libsystemd'
+ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS"
+ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS"
+ AC_MSG_RESULT([yes])
+ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.])
+ SYSTEMD_MSG="yes"
+ else
+ AC_MSG_RESULT([no])
+ fi
+ fi
+ fi ]
+)
+
# Looking for programs, paths and files
PRIVSEP_PATH=/var/empty
@@ -5121,6 +5144,7 @@ echo " libedit support: $LIBEDIT_MSG"
echo " Solaris process contract support: $SPC_MSG"
echo " Solaris project support: $SP_MSG"
echo " Solaris privilege support: $SPP_MSG"
+echo " systemd support: $SYSTEMD_MSG"
echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/sshd.c b/sshd.c
index 837409b..868df9e 100644
--- a/sshd.c
+++ b/sshd.c
@@ -85,6 +85,10 @@
#include <prot.h>
#endif
+#ifdef HAVE_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
@@ -2117,6 +2121,11 @@ main(int ac, char **av)
unsetenv("SSH_SIGSTOP");
}
+#ifdef HAVE_SYSTEMD
+ /* Signal systemd that we are ready to accept connections */
+ sd_notify(0, "READY=1");
+#endif
+
/* Accept a connection and return in a forked child */
server_accept_loop(&sock_in, &sock_out,
&newsock, config_s);