Package: needrestart Version: 3.5-5 Severity: normal Hi,
when using ssh as a socket activated service (systemctl stop/disable ssh.service, systemctl enable/start ssh.socket), after a library update needrestart will offer to restart ssh.service. This fails since port 22 is occupied by the instance services and causes the machine to be without listening process after logging out. A possible workaround is masking ssh.service, see #1001320. Restarting services... systemctl restart console-log.service cron.service exim4.service haveged.service ippl.service ntp.service rsyslog.service serial-getty@ttyS0.service ssh.service systemd-journald.service systemd-networkd.service systemd-resolved.service systemd-udevd.service Job for ssh.service failed because the control process exited with error code. See "systemctl status ssh.service" and "journalctl -xeu ssh.service" for details. Service restarts being deferred: /etc/needrestart/restart.d/dbus.service systemctl restart getty@tty1.service systemctl restart systemd-logind.service systemctl restart user@1001.service and the following log entries: Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping LSB: Puts a logfile pager on virtual consoles... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Regular background program processing daemon... Dec 8 12:58:26 emptybookworm82 systemd[1]: cron.service: Deactivated successfully. Dec 8 12:58:26 emptybookworm82 cron[429258]: (CRON) INFO (pidfile fd = 3) Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopped Regular background program processing daemon. Dec 8 12:58:26 emptybookworm82 systemd[1]: cron.service: Consumed 15min 4.856s CPU time. Dec 8 12:58:26 emptybookworm82 systemd[1]: Started Regular background program processing daemon. Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping LSB: exim Mail Transport Agent... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Entropy Daemon based on the HAVEGE algorithm... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping LSB: IP protocols logger... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Network Time Service... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping System Logging Service... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Serial Getty on ttyS0... Dec 8 12:58:26 emptybookworm82 systemd[1]: serial-getty@ttyS0.service: Deactivated successfully. Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopped Serial Getty on ttyS0. Dec 8 12:58:26 emptybookworm82 systemd[1]: Started Serial Getty on ttyS0. Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.socket: Deactivated successfully. Dec 8 12:58:26 emptybookworm82 systemd[1]: Closed OpenBSD Secure Shell server socket. Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.socket: Consumed 10.571s CPU time. Dec 8 12:58:26 emptybookworm82 systemd[1]: Starting OpenBSD Secure Shell server... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Flush Journal to Persistent Storage... Dec 8 12:58:26 emptybookworm82 systemd[1]: systemd-networkd-wait-online.service: Deactivated successfully. Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopped Wait for Network to be Configured. Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Wait for Network to be Configured... Dec 8 12:58:26 emptybookworm82 systemd[1]: Stopping Network Name Resolution... Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.service: Main process exited, code=exited, status=255/EXCEPTION Dec 8 12:58:26 emptybookworm82 systemd[1]: ssh.service: Failed with result 'exit-code'. Dec 8 12:58:26 emptybookworm82 systemd[1]: Failed to start OpenBSD Secure Shell server. Dec 8 12:58:26 emptybookworm82 ntpd[298]: ntpd exiting on signal 15 (Terminated) Dec 8 12:58:26 emptybookworm82 ntpd[298]: 2a01:4f8:140:246a::2 local addr 2a01:4f8:140:246a::52:100 -> <null> Dec 8 12:58:26 emptybookworm82 haveged[220]: haveged: Stopping due to signal 15 Dec 8 12:58:27 emptybookworm82 cron[429258]: (CRON) INFO (Skipping @reboot jobs -- not system startup) Dec 8 12:58:27 emptybookworm82 systemd[1]: systemd-journal-flush.service: Deactivated successfully. Dec 8 12:58:27 emptybookworm82 systemd[1]: Stopped Flush Journal to Persistent Storage. Dec 8 12:58:27 emptybookworm82 exim4[429259]: exim4_listener. Here is what Timo Weingärtner found out in relation to my bug report against sshd: | To me it looks like a problem in needrestart. The (forked off) sshd process | handling your client connection belongs to cgroup session-NN.scope, no matter | if it was started by systemd socket activation or regular sshd. | | needrestart (invoked with "-vlp" here) detects a process with outdated libs: | | [main] #2111961 uses deleted /lib/x86_64-linux-gnu/libnss_files-2.32.so | [main] #2111961 is a child of #2111904 | | Then it figures out the binary and the cgroup: | | [main] #2111961 exe => /usr/sbin/sshd | [main] trying systemctl status | | cgroup detection didn't work, so: | | [main] #2111961 running /etc/needrestart/hook.d/10-dpkg | [main] #2111961 package: openssh-server | [main] #2111961 running /etc/needrestart/hook.d/20-rpm | [main] #2111961 running /etc/needrestart/hook.d/90-none | | /etc/needrestart/hook.d/10-dpkg also finds /etc/init.d/ssh and we end up with: | | Services: | […] | - spamassassin.service | - ssh | - systemd-journald.service | […] | | Note the missing ".service". Then you have it invoke "systemctl restart | ssh.service" and voilà. | | A workaround might be masking ssh.service. A per-client process should not get restarted by needrestart. This might happen even if ssh.service is running, but it is usually harmless. You might find more information in #1001320 regarding ssh. Greetings Marc, thanking Timo for his insights and help -- Package-specific info: needrestart output: Your outdated processes: kaccess[6984], kalarm[14960], kdeconnectd[7001], kded5[6924], kdeinit5[6907], kglobalaccel5[6937], klauncher[6908], konsole[7011, 41112], krunner[837284], ksmserver[6965], kwalletd5[6727], kwin_x11[6928], obexd[7066], plasmashell[6989], pulseaudio[6717], telegram-deskto[7262], yakuake[7063] checkrestart output: -- System Information: Debian Release: bookworm/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.15.10-zgws1 (SMP w/4 CPU threads) Kernel taint flags: TAINT_DIE, TAINT_OOT_MODULE Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), LANGUAGE=en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages needrestart depends on: ii binutils 2.37-10 ii dpkg 1.21.1 ii gettext-base 0.21-4 ii libintl-perl 1.26-3 ii libmodule-find-perl 0.15-1 ii libmodule-scandeps-perl 1.31-1 ii libproc-processtable-perl 0.634-1 ii libsort-naturally-perl 1.03-2 ii libterm-readkey-perl 2.38-1+b2 ii perl 5.32.1-6 ii xz-utils 5.2.5-2 Versions of packages needrestart recommends: ii libpam-systemd 249.7-1 Versions of packages needrestart suggests: ii iucode-tool 2.3.1-1 ii libnotify-bin 0.7.9-3 -- no debconf information