Message ID | 20231115050507.3572177-1-xiangyu.chen@eng.windriver.com |
---|---|
State | Accepted, archived |
Commit | 4090dca8e44ec79ccb9a674db31e835d20b51888 |
Headers | show |
Series | [v2] openssh: add systemd readiness notification support | expand |
Hi Xiangyu, I believe the recipe patch can be shrinking to a new PACKAGECONFIG line, comments inline. Jose Xiangyu Chen <xiangyu.chen@eng.windriver.com> escreveu no dia quarta, 15/11/2023 à(s) 04:30: > From: Xiangyu Chen <xiangyu.chen@windriver.com> > > The sshd keeps on terminating and restarting in servel minutes, we can > observe > log from journalctl that the sshd was killed by systemd with signal 15: > > systemd[1]: sshd.service start operation timed out. Terminating. > sshd[374]: Received signal 15; terminating. > > When the sshd as a systemd service, it need to tell systemd with a "READY" > status, > and when it is restarted, it need to tell systemd with a "RELOADING" > status, otherwise, > systemd would treat it as failing service and restart it again. > > Taken a patch from openssh upstream PR[1], that after using a signal to > tell systemd > it is ready or reload now. > > Ref: > [1] > https://github.com/openssh/openssh-portable/pull/375/commits/be187435911cde6cc3cef6982a508261074f1e56 > > Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> > --- > ...tional-support-for-systemd-sd_notify.patch | 99 +++++++++++++++++++ > .../openssh/openssh_9.5p1.bb | 5 +- > 2 files changed, 103 insertions(+), 1 deletion(-) > create mode 100644 > meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch > > diff --git > a/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch > b/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch > new file mode 100644 > index 0000000000..acda8f1ce9 > --- /dev/null > +++ > b/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch > @@ -0,0 +1,99 @@ > +From be187435911cde6cc3cef6982a508261074f1e56 Mon Sep 17 00:00:00 2001 > +From: Matt Jolly <Matt.Jolly@footclan.ninja> > +Date: Thu, 2 Feb 2023 21:05:40 +1100 > +Subject: [PATCH] systemd: Add optional support for systemd `sd_notify` > + > +This is a rebase of Dennis Lamm's <expeditioneer@gentoo.org> > +patch based on Jakub Jelen's <jjelen@redhat.com> original patch > + > +Upstream-Status: Submitted [ > https://github.com/openssh/openssh-portable/pull/375/commits/be187435911cde6cc3cef6982a508261074f1e56 > ] > + > +Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> > +--- > + configure.ac | 24 ++++++++++++++++++++++++ > + sshd.c | 13 +++++++++++++ > + 2 files changed, 37 insertions(+) > + > +diff --git a/configure.ac b/configure.ac > +index 22fee70f..486c189f 100644 > +--- a/configure.ac > ++++ b/configure.ac > +@@ -4835,6 +4835,29 @@ AC_SUBST([GSSLIBS]) > + AC_SUBST([K5LIBS]) > + AC_SUBST([CHANNELLIBS]) > + > ++# Check whether user wants systemd support > ++SYSTEMD_MSG="no" > ++AC_ARG_WITH(systemd, > ++ [ --with-systemd Enable systemd support], > ++ [ if test "x$withval" != "xno" ; then > ++ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) > ++ if test "$PKGCONFIG" != "no"; then > ++ AC_MSG_CHECKING([for libsystemd]) > ++ if $PKGCONFIG --exists libsystemd; then > ++ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags > libsystemd` > ++ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd` > ++ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS" > ++ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS" > ++ AC_MSG_RESULT([yes]) > ++ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you > want systemd support.]) > ++ SYSTEMD_MSG="yes" > ++ else > ++ AC_MSG_RESULT([no]) > ++ fi > ++ fi > ++ fi ] > ++) > ++ > + # Looking for programs, paths and files > + > + PRIVSEP_PATH=/var/empty > +@@ -5634,6 +5657,7 @@ echo " libldns support: $LDNS_MSG" > + echo " Solaris process contract support: $SPC_MSG" > + echo " Solaris project support: $SP_MSG" > + echo " Solaris privilege support: $SPP_MSG" > ++echo " systemd support: $SYSTEMD_MSG" > + echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" > + echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" > + echo " BSD Auth support: $BSD_AUTH_MSG" > +diff --git a/sshd.c b/sshd.c > +index 6321936c..859d6a0b 100644 > +--- a/sshd.c > ++++ b/sshd.c > +@@ -88,6 +88,10 @@ > + #include <prot.h> > + #endif > + > ++#ifdef HAVE_SYSTEMD > ++#include <systemd/sd-daemon.h> > ++#endif > ++ > + #include "xmalloc.h" > + #include "ssh.h" > + #include "ssh2.h" > +@@ -310,6 +314,10 @@ static void > + sighup_restart(void) > + { > + logit("Received SIGHUP; restarting."); > ++#ifdef HAVE_SYSTEMD > ++ /* Signal systemd that we are reloading */ > ++ sd_notify(0, "RELOADING=1"); > ++#endif > + if (options.pid_file != NULL) > + unlink(options.pid_file); > + platform_pre_restart(); > +@@ -2086,6 +2094,11 @@ main(int ac, char **av) > + } > + } > + > ++#ifdef HAVE_SYSTEMD > ++ /* Signal systemd that we are ready to accept connections > */ > ++ sd_notify(0, "READY=1"); > ++#endif > ++ > + /* Accept a connection and return in a forked child */ > + server_accept_loop(&sock_in, &sock_out, > + &newsock, config_s); > +-- > +2.25.1 > + > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > b/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > index 3a94633cf0..bbb8fb091a 100644 > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > +++ b/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > @@ -26,6 +26,7 @@ SRC_URI = " > http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar > file://sshd_check_keys \ > file://add-test-support-for-busybox.patch \ > > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ > + > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ > " > SRC_URI[sha256sum] = > "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" > > @@ -51,7 +52,8 @@ INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9" > SYSTEMD_PACKAGES = "${PN}-sshd" > SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket sshd.service" > > -inherit autotools-brokensep ptest > +inherit autotools-brokensep ptest pkgconfig > +DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', > '', d)}" > The DEPENDS is not need as it was added by the PACKAGECONFIG[systemd] > > PACKAGECONFIG ??= "" > PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" > PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd" @@ -69,6 +71,7 @@ EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ > --sysconfdir=${sysconfdir}/ssh \ > --with-xauth=${bindir}/xauth \ > --disable-strip \ > + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', > '--with-systemd', '--without-systemd', d)} \ > This is not need as it was added by the PACKAGECONFIG[systemd] " > > # musl doesn't implement wtmp/utmp and logwtmp > -- > 2.25.1 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#190553): > https://lists.openembedded.org/g/openembedded-core/message/190553 > Mute This Topic: https://lists.openembedded.org/mt/102599570/5052612 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > quaresma.jose@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
diff --git a/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch b/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch new file mode 100644 index 0000000000..acda8f1ce9 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/0001-systemd-Add-optional-support-for-systemd-sd_notify.patch @@ -0,0 +1,99 @@ +From be187435911cde6cc3cef6982a508261074f1e56 Mon Sep 17 00:00:00 2001 +From: Matt Jolly <Matt.Jolly@footclan.ninja> +Date: Thu, 2 Feb 2023 21:05:40 +1100 +Subject: [PATCH] systemd: Add optional support for systemd `sd_notify` + +This is a rebase of Dennis Lamm's <expeditioneer@gentoo.org> +patch based on Jakub Jelen's <jjelen@redhat.com> original patch + +Upstream-Status: Submitted [https://github.com/openssh/openssh-portable/pull/375/commits/be187435911cde6cc3cef6982a508261074f1e56] + +Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> +--- + configure.ac | 24 ++++++++++++++++++++++++ + sshd.c | 13 +++++++++++++ + 2 files changed, 37 insertions(+) + +diff --git a/configure.ac b/configure.ac +index 22fee70f..486c189f 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -4835,6 +4835,29 @@ AC_SUBST([GSSLIBS]) + AC_SUBST([K5LIBS]) + AC_SUBST([CHANNELLIBS]) + ++# Check whether user wants systemd support ++SYSTEMD_MSG="no" ++AC_ARG_WITH(systemd, ++ [ --with-systemd Enable systemd support], ++ [ if test "x$withval" != "xno" ; then ++ AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) ++ if test "$PKGCONFIG" != "no"; then ++ AC_MSG_CHECKING([for libsystemd]) ++ if $PKGCONFIG --exists libsystemd; then ++ SYSTEMD_CFLAGS=`$PKGCONFIG --cflags libsystemd` ++ SYSTEMD_LIBS=`$PKGCONFIG --libs libsystemd` ++ CPPFLAGS="$CPPFLAGS $SYSTEMD_CFLAGS" ++ SSHDLIBS="$SSHDLIBS $SYSTEMD_LIBS" ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE(HAVE_SYSTEMD, 1, [Define if you want systemd support.]) ++ SYSTEMD_MSG="yes" ++ else ++ AC_MSG_RESULT([no]) ++ fi ++ fi ++ fi ] ++) ++ + # Looking for programs, paths and files + + PRIVSEP_PATH=/var/empty +@@ -5634,6 +5657,7 @@ echo " libldns support: $LDNS_MSG" + echo " Solaris process contract support: $SPC_MSG" + echo " Solaris project support: $SP_MSG" + echo " Solaris privilege support: $SPP_MSG" ++echo " systemd support: $SYSTEMD_MSG" + echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" + echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" + echo " BSD Auth support: $BSD_AUTH_MSG" +diff --git a/sshd.c b/sshd.c +index 6321936c..859d6a0b 100644 +--- a/sshd.c ++++ b/sshd.c +@@ -88,6 +88,10 @@ + #include <prot.h> + #endif + ++#ifdef HAVE_SYSTEMD ++#include <systemd/sd-daemon.h> ++#endif ++ + #include "xmalloc.h" + #include "ssh.h" + #include "ssh2.h" +@@ -310,6 +314,10 @@ static void + sighup_restart(void) + { + logit("Received SIGHUP; restarting."); ++#ifdef HAVE_SYSTEMD ++ /* Signal systemd that we are reloading */ ++ sd_notify(0, "RELOADING=1"); ++#endif + if (options.pid_file != NULL) + unlink(options.pid_file); + platform_pre_restart(); +@@ -2086,6 +2094,11 @@ main(int ac, char **av) + } + } + ++#ifdef HAVE_SYSTEMD ++ /* Signal systemd that we are ready to accept connections */ ++ sd_notify(0, "READY=1"); ++#endif ++ + /* Accept a connection and return in a forked child */ + server_accept_loop(&sock_in, &sock_out, + &newsock, config_s); +-- +2.25.1 + diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb b/meta/recipes-connectivity/openssh/openssh_9.5p1.bb index 3a94633cf0..bbb8fb091a 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.5p1.bb @@ -26,6 +26,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ + file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ " SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" @@ -51,7 +52,8 @@ INITSCRIPT_PARAMS:${PN}-sshd = "defaults 9" SYSTEMD_PACKAGES = "${PN}-sshd" SYSTEMD_SERVICE:${PN}-sshd = "sshd.socket sshd.service" -inherit autotools-brokensep ptest +inherit autotools-brokensep ptest pkgconfig +DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" PACKAGECONFIG ??= "" PACKAGECONFIG[kerberos] = "--with-kerberos5,--without-kerberos5,krb5" @@ -69,6 +71,7 @@ EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ --sysconfdir=${sysconfdir}/ssh \ --with-xauth=${bindir}/xauth \ --disable-strip \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemd', '--without-systemd', d)} \ " # musl doesn't implement wtmp/utmp and logwtmp