Bug#1061516: Please add a sshd@.service template for socket activation

2024-03-05 Thread Marco d'Itri
On Mar 04, Colin Watson  wrote:

> Does this patch look workable?  It mostly just resurrects the template
> unit we used to ship, under a different name.

Looks good to me!

-- 
ciao,
Marco




Bug#1061516: Please add a sshd@.service template for socket activation

2024-03-04 Thread Colin Watson
On Wed, Feb 28, 2024 at 01:17:32AM +0100, Marco d'Itri wrote:
> On Jan 25, Marco d'Itri  wrote:
> > systemd currently expects the template to be named sshd@.service 
> > (because that is what Fedora uses), but if you prefer to keep the 
> > ssh@.service name then I suppose that we could patch systemd as well.
> 
> Is there any way I can help with this?
> The major issue is deciding how you want the template to be called.

Does this patch look workable?  It mostly just resurrects the template
unit we used to ship, under a different name.

diff --git a/debian/changelog b/debian/changelog
index 873dddcfa..78863e039 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+openssh (1:9.6p1-5) UNRELEASED; urgency=medium
+
+  * Restore systemd template unit for per-connection sshd instances,
+although without any corresponding .socket unit for now; this is mainly
+for use with the forthcoming systemd-ssh-generator (closes: #1061516).
+It's now called sshd@.service, since unlike the main service there's no
+need to be concerned about compatibility with the slightly confusing
+"ssh" service name that Debian has traditionally used.
+
+ -- Colin Watson   Sun, 03 Mar 2024 19:49:58 +
+
 openssh (1:9.6p1-4) unstable; urgency=medium
 
   * Add sshd_config checksums for 1:9.2p1-1 to ucf reference file, and add a
diff --git a/debian/openssh-server.install b/debian/openssh-server.install
index cf86dce41..5bf99be16 100755
--- a/debian/openssh-server.install
+++ b/debian/openssh-server.install
@@ -14,6 +14,7 @@ debian/openssh-server.ufw.profile => 
etc/ufw/applications.d/openssh-server
 debian/systemd/ssh.service lib/systemd/system
 debian/systemd/ssh.socket lib/systemd/system
 debian/systemd/rescue-ssh.target lib/systemd/system
+debian/systemd/sshd@.service lib/systemd/system
 debian/systemd/ssh-session-cleanup usr/lib/openssh
 
 # dh_apport would be neater, but at the time of writing it isn't in unstable
diff --git a/debian/systemd/sshd@.service b/debian/systemd/sshd@.service
new file mode 100644
index 0..29864a800
--- /dev/null
+++ b/debian/systemd/sshd@.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=OpenBSD Secure Shell server per-connection daemon
+Documentation=man:sshd(8) man:sshd_config(5)
+After=auditd.service
+
+[Service]
+EnvironmentFile=-/etc/default/ssh
+ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS
+StandardInput=socket
+RuntimeDirectory=sshd
+RuntimeDirectoryPreserve=yes
+RuntimeDirectoryMode=0755
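
Review bot: the "-" prefix on "ExecStart=-/usr/sbin/sshd -i $SSHD_OPTS" makes systemd treat any non-zero exit of a per-connection instance as success, so a broken sshd_config or a bad option in $SSHD_OPTS would fail every connection without any sshd@ instance entering the failed state. That is a reasonable trade-off for per-connection daemons, but the unit should carry a comment saying so and pointing at the journal as the place where such failures show up. In the same hunk, "RuntimeDirectoryPreserve=yes" is presumably there so that one instance exiting does not remove the sshd runtime directory while other instances still use it; a one-line comment stating that intent would keep it from being dropped later as redundant.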

Thanks,

-- 
Colin Watson (he/him)  [cjwat...@debian.org]



Bug#1061516: Please add a sshd@.service template for socket activation

2024-02-27 Thread Marco d'Itri
On Jan 25, Marco d'Itri  wrote:

> systemd currently expects the template to be named sshd@.service 
> (because that is what Fedora uses), but if you prefer to keep the 
> ssh@.service name then I suppose that we could patch systemd as well.

Is there any way I can help with this?
The major issue is deciding how you want the template to be called.

-- 
ciao,
Marco




Bug#1061516: Please add a sshd@.service template for socket activation

2024-01-25 Thread Marco d'Itri
Package: openssh-server
Version: 1:9.6p1-3
Severity: normal
Control: affects -1 systemd

The next release of systemd will contain support to connect to the 
system with SSH over an AF_VSOCK socket:
https://github.com/systemd/systemd/pull/30777/files

The server side of this uses what Ubuntu currently ships as 
ssh@.service, i.e. a template for socket activation of per-connection 
sshd daemons.

systemd currently expects the template to be named sshd@.service 
(because that is what Fedora uses), but if you prefer to keep the 
ssh@.service name then I suppose that we could patch systemd as well.

-- 
ciao,
Marco

