Package: openssh-server Version: 1:5.1p1-7 Severity: wishlist
Hi, Now that the default syslog daemon is rsyslog, openssh-server could ship a configure snippet in /etc/rsyslog.d/openssh-server.conf that contains: $$AddUnixListenSocket /var/run/sshd/dev/log And probably the issue should be documented in README.Debian for the other syslog variants. That still leaves the question who creates /var/run/sshd/dev. I'm using the following patch on some machines: Index: init.d/ssh =================================================================== --- init.d/ssh (revision 3863) +++ init.d/ssh (working copy) @@ -59,8 +59,8 @@ check_privsep_dir() { # Create the PrivSep empty dir if necessary - if [ ! -d /var/run/sshd ]; then - mkdir /var/run/sshd + if [ ! -d /var/run/sshd/dev ]; then + mkdir -p /var/run/sshd/dev chmod 0755 /var/run/sshd fi } Unfortunately it won't really help when /var/run is on tmpfs, because the syslog daemon is started before the ssh init script has run. The only proper solution I can think of right now is to split the ssh init script in two: - the first part runs before any syslog daemon, and does nothing except creating /var/run/sshd/dev directory if it is missing - the second part runs after the syslog daemon has started, and does the rest. Gabor -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (110, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30.5 (SMP w/2 CPU cores; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssh-server depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.27 Debian configuration management sy ii dpkg 1.15.3.1+b1 Debian package management system ii libc6 2.9-26 GNU C Library: Shared libraries ii libcomerr2 1.41.9-1 common error description library ii libgssapi-krb5-2 1.7dfsg~beta3-1 MIT Kerberos runtime libraries - k ii libk5crypto3 1.7dfsg~beta3-1 MIT Kerberos runtime libraries - C ii libkrb5-3 1.7dfsg~beta3-1 MIT Kerberos runtime libraries ii libpam-modules 1.1.0-1 Pluggable Authentication Modules f ii libpam-runtime 1.1.0-1 Runtime support for the PAM librar ii libpam0g 1.1.0-1 Pluggable Authentication Modules l ii libselinux1 2.0.85-2 SELinux shared libraries ii libssl0.9.8 0.9.8k-4 SSL shared libraries ii libwrap0 7.6.q-18 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-23 Linux Standard Base 3.2 init scrip ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS ii openssh-client 1:5.1p1-7 secure shell client, an rlogin/rsh ii procps 1:3.2.8-1 /proc file system utilities ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime Versions of packages openssh-server recommends: ii openssh-blacklist-extra 0.4.1 list of non-default blacklisted Op ii xauth 1:1.0.3-2 X authentication utility Versions of packages openssh-server suggests: pn molly-guard <none> (no description available) pn rssh <none> (no description available) pn ssh-askpass <none> (no description available) pn ufw <none> (no description available) -- debconf information excluded -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org