[git.ipfire.org] IPFire 2.x development tree branch, master, updated. 0b9c2434f0becb75029fa8bc665678b11ce7bea1

[Michael Tremer <git@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 3657 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, master has been updated
       via  0b9c2434f0becb75029fa8bc665678b11ce7bea1 (commit)
       via  acc8336f945b66d66fc15417905ce6bf2707876f (commit)
      from  201ad7ff80eb8870aab2b903be6eb7aea2adf563 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 0b9c2434f0becb75029fa8bc665678b11ce7bea1
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Tue Oct 27 13:32:19 2020 +0000

    core152: Ship updated SSH initscript
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit acc8336f945b66d66fc15417905ce6bf2707876f
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Tue Oct 27 14:20:56 2020 +0100

    OpenSSH: Fix initscript to actually kill the daemon
    
    The SSH daemon was not terminated properly because killproc
    tried to terminate all processes with that name. That caused
    that the master daemon respawned some processed which were
    therefore not killed because killproc determined a list of
    PIDs only once before starting sending signals.
    
    This patch only kills the master process which is being
    determined by using sshd's pid file.
    
    That results in all established connections not being
    interrupted any more.
    
    Furthermore, the loadproc function checks if any processes
    with the given name are already running which could be true
    if there are any connections still open.
    That check is being disabled with the -f switch and sshd
    will always be launched.
    
    "/etc/init.d/sshd stop" might now print FAIL if only the
    master process, but no connection processes were terminated.
    
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/rootfiles/core/152/filelists/files | 1 +
 src/initscripts/system/sshd               | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

Difference in files:
diff --git a/config/rootfiles/core/152/filelists/files b/config/rootfiles/core/152/filelists/files
index 1007ce32e..8a05052ec 100644
--- a/config/rootfiles/core/152/filelists/files
+++ b/config/rootfiles/core/152/filelists/files
@@ -8,6 +8,7 @@ etc/rc.d/helper/gcp-setup
 etc/rc.d/helper/oci-setup
 etc/rc.d/init.d/networking/any
 etc/rc.d/init.d/networking/red
+etc/rc.d/init.d/sshd
 srv/web/ipfire/cgi-bin/credits.cgi
 srv/web/ipfire/cgi-bin/logs.cgi/log.dat
 srv/web/ipfire/cgi-bin/proxy.cgi
diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd
index 7b4092d38..c3c02adc1 100644
--- a/src/initscripts/system/sshd
+++ b/src/initscripts/system/sshd
@@ -25,7 +25,7 @@ case "$1" in
 
         [ -e "/var/ipfire/remote/enablessh" ] || exit 0 # SSH is not enabled
         boot_mesg "Starting SSH Server..."
-        loadproc /usr/sbin/sshd 
+        loadproc -f /usr/sbin/sshd
 
         # Also prevent ssh from being killed by out of memory conditions
 	(
@@ -37,7 +37,7 @@ case "$1" in
 
     stop)
         boot_mesg "Stopping SSH Server..."
-        killproc /usr/sbin/sshd
+        killproc -p "/var/run/sshd.pid" /usr/sbin/sshd
         ;;
 
     reload)


hooks/post-receive
--
IPFire 2.x development tree