I took a fresh Xenial (daily) as well as a Xenial of the release day and ran
the commands:
$ apt-get clean && apt-get autoclean && apt-get autoremove && apt-get update &&
apt-get upgrade && apt-get dist-upgrade && reboot
Obviously the updated different amounts of packages, but none did break
the permissions of /var/run/sshd.
I wonder if the issue is in the OpenVZ 6 template that you use as that
seems to be the only difference that remains. I wonder if you'd have any
chance to do that in LXD or a KVM Guest as a comparison?
I downloaded the template from [1] and didn't find anythig obvious.
But after all /var/run is actually /run and that is a tmpfs mount - so after a
reboot nothing of the former run should be there. It should only contain things
created since boot.
I wondered what exactly will recreate that path.
It isn't the service itself as that fails:
$ systemctl stop sshd
$ rm -rf /run/sshd/
$ /usr/sbin/sshd -t
Missing privilege separation directory: /var/run/sshd
(The service behaves the same on start, so something else must have created
the path)
After a reboot it is there and has the correct permissions.
The old sysV inint script at /etc/init.d/ssh:71 would have done that, but in
systemd that should no more run. Here it is created by systemd-tmpfiles:
You should have a file like:
$ cat /usr/lib/tmpfiles.d/sshd.conf
d /var/run/sshd 0755 root root
That will make systemd to prepare the directory as it should be on every
boot.
Maybe something in that regard is broken on your openVZ container or template?
Please check:
1. is /var/run a symlink to /run
2. is /run a tmpfs mount
3. is /usr/lib/tmpfiles.d/sshd.conf existing and has the content I have shown?
4. if /var/run/sshd is not correct boot run `systemd-tmpfiles --create` is it
created (or permissions fixed)?
[1]: https://wiki.openvz.org/Download/template/precreated
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1814124
Title:
sshd does not start after update
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1814124/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
