892784 – net-misc/openssh: Add the option to automatically restart sshd in the systemd service file.

Bug 892784 - net-misc/openssh: Add the option to automatically restart sshd in the systemd service file.

Summary: net-misc/openssh: Add the option to automatically restart sshd in the systemd...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo's Team for Core System packages

URL:
Whiteboard:
Keywords:	PullRequest

Depends on:
Blocks:

Reported:	2023-02-01 07:39 UTC by Berin Aniesh
Modified:	2023-02-05 00:10 UTC (History)
CC List:	0 users

See Also:	https://github.com/gentoo/gentoo/pull/29386
Package list:
Runtime testing required:	---

Attachments
The url of the service file (since new accounts can't add urls in bug reports) (url.txt,83 bytes, text/plain) 2023-02-01 07:39 UTC, Berin Aniesh	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Berin Aniesh 2023-02-01 07:39:06 UTC

Created attachment 849588 [details]
The url of the service file (since new accounts can't add urls in bug reports)

The current systemd service file for sshd does not contain the restart=on-failure option to automatically restart ssh server if the service fails / crashes or gets killed, making the server unavailable to ssh. This is really problematic when the server is not physically accessible. So, please add the restart option to the service file.

Comment 1 Berin Aniesh 2023-02-01 09:29:10 UTC

restart=always is better I guess. 
on-failure only restarts on non 0 exit code and always restarts in all cases. The latter would be better for sshd.

Comment 2 Matt Jolly gentoo-dev

2023-02-02 07:41:47 UTC

Looked into this. `Restart=on-failure` seems like a sane default.

This will cover non-zero exit code, "Unclean" signals, Timers, and Watchdogs.

We shouldn't need to handle the remaining case "Zero exit code" here with
`Restart=always`; If the process exits normally I feel like it should stay exited.

Comment 3 Berin Aniesh 2023-02-02 08:43:53 UTC

I am no expert and so I looked into other distributions.

Debian uses Restart=on-failure
Link: https://sources.debian.org/src/openssh/1%3A9.1p1-2/debian/systemd/ssh.service/

Fedora uses Restart=on-failure
Link: https://src.fedoraproject.org/rpms/openssh/blob/rawhide/f/sshd.service

Arch linux uses Restart=always
Link: https://github.com/archlinux/svntogit-packages/blob/packages/openssh/trunk/sshd.service

OpenSUSE uses Restart=on-failure
Link: https://build.opensuse.org/package/view_file/network/openssh/sshd.service?expand=1

Comment 4 Larry the Git Cow gentoo-dev

2023-02-05 00:10:22 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f0469c1f161335aad3997e34f9cef0af0436a502

commit f0469c1f161335aad3997e34f9cef0af0436a502
Author:     Matt Jolly <Matt.Jolly@footclan.ninja>
AuthorDate: 2023-02-02 05:44:07 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2023-02-05 00:10:07 +0000

    net-misc/openssh: update systemd units
    
    - Systemd unit file now sets:
      + OOMPolicy=continue
      + Restart=on-failure
      + RestartSec=42s
    - Removed `After=syslog.target` from sshd unit files
    - Remove obsolete substitutions
    
    Closes: https://bugs.gentoo.org/892784
    Closes: https://github.com/gentoo/gentoo/pull/29386
    Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja>
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 net-misc/openssh/files/sshd.service.1               | 15 +++++++++++++++
 net-misc/openssh/files/sshd_at.service.1            |  8 ++++++++
 ...enssh-9.2_p1.ebuild => openssh-9.2_p1-r1.ebuild} | 21 ++++++++++++---------
 3 files changed, 35 insertions(+), 9 deletions(-)