Package: debhelper
Version: 13.3.4
Severity: wishlist
File: /usr/bin/dh_systemd_enable
This is an obscure edge-case for systemd.
I am not an expert. What I'm proposing might be very silly.
Probably the approriate debian-systemd ML should be CC'd.
Background: what is systemd.preset?
===
You know how when you install a new .service,
you typically do "systemctl enable frobozzd.service",
which runs [Install] WantedBy=multi-user.target?
Well historically,
Debian policy was "if you install frobozzd, it starts right away with sensible
defaults", but
RHEL policy was "if you install frobozzd, it doesn't start until YOU configure
& enable it".
To avoid fights over defaults,
systemd has a layer of middleware to opt in/out of "enable frobozzd".
See https://manpages.debian.org/systemd.preset
But for various reasons it isn't really used much.
It is used automatically by systemd "first boot" mode, i.e. when you boot with
no /etc/machine-id.
It is used manually by calling "systemctl --root=/path/to/chroot preset-all".
Specific issue: openssh
===
The openssh rules file does this:
override_dh_systemd_enable:
dh_systemd_enable -popenssh-server --name ssh ssh.service
dh_systemd_enable -popenssh-server --name ssh --no-enable ssh.socket
But systemd preset doesn't "see" this, so BOTH units are enabled,
which causes boot-time failures (both bind to *:22 by default).
Here's a minimum recipe to reproduce:
bash5$ mmdebstrap sid /dev/null --include=init,openssh-server
--customize-hook='systemctl --root=$1 preset-all'
⋮
I: running --customize-hook in shell: sh -c 'systemctl --root=$1
preset-all' exec /tmp/mmdebstrap.E3rs3TFVsO
⋮
Created symlink
/tmp/mmdebstrap.E3rs3TFVsO/etc/systemd/system/sockets.target.wants/ssh.socket →
/usr/lib/systemd/system/ssh.socket.
⋮
I: success in 24.9741 seconds
I think the easy workaround is that "dh_enable_systemd --no-enable" should
create something like this:
/lib/systemd/system-preset/50-.preset:
# auto-generated by debhelper
disable
A sysadmin can still override this in /etc/, as is normal for systemd config
files.
There may be other implications I haven't considered, though!
-- System Information:
Debian Release: 11.0
APT prefers stable-updates
APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990,
'stable'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (1,
'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages debhelper depends on:
ii autotools-dev20180224.1+nmu1
ii dh-autoreconf20
ii dh-strip-nondeterminism 1.12.0-1
ii dpkg 1.20.9
ii dpkg-dev 1.20.9
ii dwz 0.13+20210201-1
ii file 1:5.39-3
ii libdebhelper-perl13.3.4
ii libdpkg-perl 1.20.9
ii man-db 2.9.4-2
ii perl 5.32.1-4+deb11u1
ii po-debconf 1.0.21+nmu1
debhelper recommends no packages.
Versions of packages debhelper suggests:
pn dh-make
-- no debconf information