This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 0b9c2434f0becb75029fa8bc665678b11ce7bea1 (commit) via acc8336f945b66d66fc15417905ce6bf2707876f (commit) from 201ad7ff80eb8870aab2b903be6eb7aea2adf563 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 0b9c2434f0becb75029fa8bc665678b11ce7bea1 Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Oct 27 13:32:19 2020 +0000
core152: Ship updated SSH initscript
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit acc8336f945b66d66fc15417905ce6bf2707876f Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Oct 27 14:20:56 2020 +0100
OpenSSH: Fix initscript to actually kill the daemon
The SSH daemon was not terminated properly because killproc tried to terminate all processes with that name. That caused that the master daemon respawned some processed which were therefore not killed because killproc determined a list of PIDs only once before starting sending signals.
This patch only kills the master process which is being determined by using sshd's pid file.
That results in all established connections not being interrupted any more.
Furthermore, the loadproc function checks if any processes with the given name are already running which could be true if there are any connections still open. That check is being disabled with the -f switch and sshd will always be launched.
"/etc/init.d/sshd stop" might now print FAIL if only the master process, but no connection processes were terminated.
Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: config/rootfiles/core/152/filelists/files | 1 + src/initscripts/system/sshd | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-)
Difference in files: diff --git a/config/rootfiles/core/152/filelists/files b/config/rootfiles/core/152/filelists/files index 1007ce32e..8a05052ec 100644 --- a/config/rootfiles/core/152/filelists/files +++ b/config/rootfiles/core/152/filelists/files @@ -8,6 +8,7 @@ etc/rc.d/helper/gcp-setup etc/rc.d/helper/oci-setup etc/rc.d/init.d/networking/any etc/rc.d/init.d/networking/red +etc/rc.d/init.d/sshd srv/web/ipfire/cgi-bin/credits.cgi srv/web/ipfire/cgi-bin/logs.cgi/log.dat srv/web/ipfire/cgi-bin/proxy.cgi diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd index 7b4092d38..c3c02adc1 100644 --- a/src/initscripts/system/sshd +++ b/src/initscripts/system/sshd @@ -25,7 +25,7 @@ case "$1" in
[ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled boot_mesg "Starting SSH Server..." - loadproc /usr/sbin/sshd + loadproc -f /usr/sbin/sshd
# Also prevent ssh from being killed by out of memory conditions ( @@ -37,7 +37,7 @@ case "$1" in
stop) boot_mesg "Stopping SSH Server..." - killproc /usr/sbin/sshd + killproc -p "/var/run/sshd.pid" /usr/sbin/sshd ;;
reload)
hooks/post-receive -- IPFire 2.x development tree