Patchwork openssh: use pidfile in initscript

Submitter Ben Shelton
Date July 16, 2014, 9:28 p.m.
Message ID <1405546112-14100-1-git-send-email-ben.shelton@ni.com>
Permalink /patch/75851/
State Accepted
Commit c0585ca59aff5b662da236d0c7692113825e1593

Comments

Ben Shelton - July 16, 2014, 9:28 p.m.
From: Richard Tollerton <rich.tollerton@ni.com>

Stopping sshd must only kill the listening (top-level) daemon; it must
not stop any other sshd process, because those are forked ssh
connections which may include e.g. the connection that called
/etc/init.d/sshd stop.

This initscript uses "start-stop-daemon -x <exe>" for starting/stopping.
When that is provided by busybox, this behavior is broken:
`/etc/init.d/sshd stop` stops *all* sshd processes. This was caused by a
fix to busybox 1.20: 17eedcad9406c43beddab3906c8c693626c351fb
"ssd: compat: match -x EXECUTABLE by /proc/pid/exe too".

The fix is to use a pidfile. All initscripts in upstream openssh do this,
as does dropbear.

Acked-by: Gratian Crisan <gratian.crisan@ni.com>
Acked-by: Ken Sharp <ken.sharp@ni.com>
Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ben Shelton <ben.shelton@ni.com>
---
 meta/recipes-connectivity/openssh/openssh/init | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

Patch

diff --git a/meta/recipes-connectivity/openssh/openssh/init b/meta/recipes-connectivity/openssh/openssh/init
index 37c8e7b..70d4a34 100644
--- a/meta/recipes-connectivity/openssh/openssh/init
+++ b/meta/recipes-connectivity/openssh/openssh/init
@@ -1,6 +1,8 @@ 
 #! /bin/sh
 set -e
 
+PIDFILE=/var/run/sshd.pid
+
 # source function library
 . /etc/init.d/functions
 
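Review bot: PIDFILE is hard-coded to /var/run/sshd.pid at the top of the script, and nothing in the visible lines makes sshd write its pid there, so the -p matching only works while sshd's own PidFile setting (from sshd_config or anything passed through $SSHD_OPTS) resolves to the same path. Add a comment next to the assignment stating that it must match sshd's PidFile, or derive the value from the configuration, so that a changed PidFile does not silently leave stop and reload with nothing to match.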
@@ -70,12 +72,12 @@  case "$1" in
 	echo "Starting OpenBSD Secure Shell server: sshd"
 	check_keys
 	check_privsep_dir
-	start-stop-daemon -S -x /usr/sbin/sshd -- $SSHD_OPTS
+	start-stop-daemon -S -p $PIDFILE -x /usr/sbin/sshd -- $SSHD_OPTS
         echo "done."
 	;;
   stop)
         echo -n "Stopping OpenBSD Secure Shell server: sshd"
-	start-stop-daemon -K -x /usr/sbin/sshd
+	start-stop-daemon -K -p $PIDFILE -x /usr/sbin/sshd
         echo "."
 	;;
 
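Review bot: The stop branch's "start-stop-daemon -K -p $PIDFILE -x /usr/sbin/sshd" has no --oknodo, unlike the first call in the restart branch, and the script runs under set -e. With a missing or stale pidfile the command can return non-zero and the script then exits before the closing echo; if stopping an already-stopped sshd should count as success, add --oknodo here. $PIDFILE is also unquoted in both changed lines of this hunk; "$PIDFILE" is the safer form if the path ever becomes configurable.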
@@ -84,7 +86,7 @@  case "$1" in
 	check_keys
 	check_config
         echo -n "Reloading OpenBSD Secure Shell server's configuration"
-	start-stop-daemon -K -s 1 -x /usr/sbin/sshd
+	start-stop-daemon -K -p $PIDFILE -s 1 -x /usr/sbin/sshd
 	echo "."
 	;;
 
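Review bot: The reload line still passes the signal as a bare number, "-s 1", next to the new -p $PIDFILE argument. Now that this call is scoped to the listening daemon only, writing it as "-s HUP" would make clear that it is a configuration reload and not a termination signal.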
@@ -92,11 +94,11 @@  case "$1" in
   	check_keys
 	check_config
         echo -n "Restarting OpenBSD Secure Shell server: sshd"
-	start-stop-daemon -K --oknodo -x /usr/sbin/sshd
+	start-stop-daemon -K -p $PIDFILE --oknodo -x /usr/sbin/sshd
 	check_for_no_start
 	check_privsep_dir
 	sleep 2
-	start-stop-daemon -S -x /usr/sbin/sshd -- $SSHD_OPTS
+	start-stop-daemon -S -p $PIDFILE -x /usr/sbin/sshd -- $SSHD_OPTS
 	echo "."
 	;;
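Review bot: The restart branch still relies on a fixed "sleep 2" between the -K and -S calls, and with -p $PIDFILE on both of them the start now depends on what the pidfile says at that moment. If the old daemon has not exited within two seconds, the -S call can find its pid still alive and start nothing, leaving no listener once the old process does exit. Consider waiting, with a timeout, until the pid read from $PIDFILE is gone instead of sleeping a fixed interval.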