Summary: | net-misc/openssh-6.1_p1 creates /etc/ssh/sshd.pid instead of /var/run/sshd.pid. | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Piotr Karbowski (RETIRED) <slashbeast> |
Component: | Current packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | azamat.hackimov, moonlapse81 |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 292843 | ||
Bug Blocks: |
Description
Piotr Karbowski (RETIRED)
2012-09-20 16:12:52 UTC
I tested on my current system running openssh-6.1_p1 and this doesn't happen. The conf file at /etc/conf.d/sshd has the pid path commented out as: #SSHD_PIDFILE="/var/run/sshd.pid" And, /etc/ssh/sshd_config contains this commented line, too: #PidFile /var/run/sshd.pid I get the pid file in the usual place: # ls /var/run/sshd.pid /var/run/sshd.pid Can you check the pid paths in your config files? The initscript's pidfile varialbe is not working, the start-stop-deamon --pidfile does not create noting. My workaround was input "Pidfile /var/run/sshd.pid" into sshd_config. Also I had to bump my grsecurity RBAC policy as now 'sshd' process create this file, not start stop deamon. I reproduced it on clean gentoo upgraded to ~amd64. please post `emerge --info <pkg>` in all of your bug reports as documented as well as the full build log for your openssh build the default for me is still /var/run/sshd.pid, and setting the SSHD_PIDFILE also works for me: # grep PID /etc/conf.d/sshd SSHD_PIDFILE="/var/run/sshd---.pid" # ps -p 15192 -o pid,cmd h 15192 /usr/sbin/sshd -o PidFile=/var/run/sshd---.pid # cat /var/run/sshd---.pid 15192 Now this is interesing. Because o #435796 I did multiple reinstallations of various openssh versions and I can't reproduce it anymore. What is also disturbing is that now I can see "#PidFile /var/run/sshd.pid" but it used to point to /etc/ssh/sshd.pid (the default, hashed value). Also my testcase was broken as I missed the whole -o PidFile part and tried to manualy run start-stop-deamon with --pidfile /custom/path/asd.pid. Anyway, I cannot it reproduce and my test was flawed. so I will switch it to invalid. The current emerge info: Portage 2.2.0_alpha131 (default/linux/amd64/10.0, gcc-4.5.4, glibc-2.15-r2, 3.5.4-hardened x86_64) ================================================================= System Settings ================================================================= System uname: Linux-3.5.4-hardened-x86_64-Mobile_AMD_Sempron-tm-_Processor_2100+-with-gentoo-2.2 Timestamp of tree: Sat, 22 Sep 2012 11:00:01 +0000 ccache version 3.1.8 [enabled] app-shells/bash: 4.2_p37 dev-lang/python: 2.7.3-r2, 3.2.3-r1 dev-util/ccache: 3.1.8 dev-util/pkgconfig: 0.27.1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.10.5 sys-apps/sandbox: 2.6 sys-devel/autoconf: 2.69 sys-devel/automake: 1.12.4 sys-devel/binutils: 2.22-r1 sys-devel/gcc: 4.5.4 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r3 sys-kernel/linux-headers: 3.5 (virtual/os-headers) sys-libs/glibc: 2.15-r2 Repositories: gentoo foo-overlay ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="*" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -mtune=generic -fno-var-tracking" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -pipe -mtune=generic -fno-var-tracking" DISTDIR="/var/portage/distfiles" EMERGE_DEFAULT_OPTS="--with-bdeps y --binpkg-respect-use y" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs ccache distlocks ebuild-locks fixlafiles news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LC_ALL="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" LINGUAS="en pl" MAKEOPTS="--quiet -j2" PKGDIR="/var/portage/packages" PORTAGE_COMPRESS="bzip2" PORTAGE_COMPRESS_FLAGS="-9" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/var/portage/tree" PORTDIR_OVERLAY="/var/lib/layman/foo-overlay" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acl amd64 berkdb bzip2 cli cracklib crypt cups cxx dbus dri fontconfig fortran gdbm gpm iconv ipv6 jpeg lcdfilter logrotate mmx modules mudflap multilib ncurses nls nptl opengl openmp pam pcre png pppd readline session sse sse2 ssl tcpd threads unicode vim-syntax xft zlib zsh-completion" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="en pl" PHP_TARGETS="php5-3" PYTHON_TARGETS="python3_2 python2_7" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LANG, PORTAGE_BUNZIP2_COMMAND, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON ================================================================= Package Settings ================================================================= net-misc/openssh-6.1_p1 was built with the following: USE="(multilib) pam tcpd -X -X509 -hpn -kerberos -ldap -libedit (-selinux) -skey -static" vapier: This is still happening, here's a box that I freshly installed, with research to show you where the problem is. $ strings /usr/sbin/sshd |grep sshd.pid /etc/ssh/sshd.pid $ grep sshd.pid /etc/conf.d/sshd /etc/ssh/* /etc/conf.d/sshd:#SSHD_PIDFILE="/var/run/sshd.pid" /etc/ssh/sshd_config:#PidFile /var/run/sshd.pid net-misc/openssh-6.1_p1. The build log is interesting: OpenSSH has been configured with the following options: User binaries: /usr/bin System binaries: /usr/sbin Configuration files: /etc/ssh Askpass program: /usr/lib64/misc/ssh-askpass Manual pages: /usr/share/man/manX PID file: /etc/ssh The problem is this chunk in configure.ac: ===== # Where to place sshd.pid piddir=/var/run # make sure the directory exists if test ! -d $piddir ; then piddir=`eval echo ${sysconfdir}` case $piddir in NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;; esac fi AC_ARG_WITH([pid-dir], ... ===== Sufficiently early in the install of a new machine, /var/run doesn't yet exist (or sometimes is a dead symlink to /run), so it uses sysconfdir instead, which is /etc/ssh. It's also hardcoded in the stock sshd_config, so you never noticed it there. Portage 2.2.0_alpha136 (default/linux/amd64/10.0/server, gcc-4.6.3, glibc-2.15-r3, 3.5.4 x86_64) ================================================================= System uname: Linux-3.5.4-x86_64-Intel-R-_Xeon-R-_CPU_E5-2670_0_@_2.60GHz-with-gentoo-2.2 Timestamp of tree: Tue, 09 Oct 2012 16:45:01 +0000 app-shells/bash: 4.2_p37 dev-lang/python: 2.7.3-r2, 3.2.3-r1 dev-util/cmake: 2.8.9-r1 dev-util/pkgconfig: 0.27.1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.10.5 sys-apps/sandbox: 2.6 sys-devel/autoconf: 2.69 sys-devel/automake: 1.4_p6-r1, 1.10.3, 1.11.6, 1.12.4 sys-devel/binutils: 2.22.90 sys-devel/gcc: 4.5.4, 4.6.3 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r4 sys-kernel/linux-headers: 3.6 (virtual/os-headers) sys-libs/glibc: 2.15-r3 Repositories: gentoo isohunt-overlay ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* @EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -g -march=native" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -pipe -march=native" DISTDIR="/nfsroot/distfiles" EMERGE_DEFAULT_OPTS="--binpkg-respect-use=y" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs buildpkg collision-protect config-protect-if-modified distlocks ebuild-locks fixlafiles news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unknown-features-warn unmerge-logs unmerge-orphans userfetch xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://mirror2.corbina.ru/gentoo-distfiles/ http://gentoo.mirror.dkm.cz/pub/gentoo/ http://ftp-stud.hs-esslingen.de/pub/Mirrors/gentoo/ http://mirror.mdfnet.se/gentoo http://de-mirror.org/gentoo/" LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j32" PKGDIR="/nfsroot/packages/db-xeon_e5" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/dev/shm" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://10.0.1.4/local-portage" USE="amd64 async authdaemond authlib bash-completion berkdb bzip2 bzlib cap caps cdb chroot ck-server cli cracklib crypt curlwrappers cxx dba dbm dbx device-mapper dio dri erandom exif extensions f2c fam fastcgi flatfile gd-external gdbm geoip gnutls hpn iconv idn imap innodb ipv6 jpeg libevent lids lm_sensors logrotate memlimit mmx modules mpi mudflap multilib mysql mysqli ncurses nethack network-cron nfs nls no-htdocs nptl nptlonly offensive openmp pam pcre perl png posix pppd qmail readline reiserfs romio rrdtool session sftp sftplogging sharedext snmp soap sockets sqlite sse sse2 ssl symlink sysvipc tcpd threads truetype unicode urandom v8 vim-syntax vpopmail xattr xml xmlrpc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" NGINX_MODULES_HTTP="access auth_basic autoindex browser charset dav empty_gif fastcgi geo geoip gzip gzip_static limit_req limit_zone proxy realip referer rewrite stub_status" PHP_TARGETS="php5-3 php5-4" PYTHON_TARGETS="python3_2 python2_7" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="fbdev glint intel mach64 mga neomagic nouveau nv r128 radeon savage sis tdfx trident vesa via vmware dummy v4l" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON (In reply to comment #5) i don't know what you mean by "sufficiently early" ... there is no point where /var/run should not exist yes, the -e test is a bad one, but it shouldn't be an issue on any host system should be all set now in the tree; thanks for the report! Commit message: Always specify pid-dir to avoid configure script falling back to /etc/ssh on broken systems http://sources.gentoo.org/net-misc/openssh/openssh-6.1_p1.ebuild?r1=1.2&r2=1.3 *** Bug 461600 has been marked as a duplicate of this bug. *** *Stable* 5.9 still affected. Please fix it. Why these things happens? Why you guys, fixing obvious errors in unstable, but leave stable with error? (In reply to comment #9) unstable will eventually become stable. that's how testing works. |