Hi Colin, >>>>> "Colin" == Colin Watson <cjwat...@debian.org> writes:
On Fri, Feb 15, 2019 at 01:20:53PM +1100, Peter Chubb wrote: >> During a normal upgrade of ssh, I see: Restarting OpenBSD Secure >> Shell server: sshdstart-stop-daemon: matching only on non-root >> pidfile /run/sshd.pid is insecure invoke-rc.d: initscript ssh, >> action "restart" failed. >> >> and the package remains `unconfigured' in the database. Colin> I started a container and installed sysvinit-core and Colin> openssh-server in it, and I can't reproduce this bug there. In Colin> particular, /run/sshd.pid is owned by root. Can't think of any local customisations. But this machine started off on Potato and has been upgraded regularly since then, so there may be some legacy cruft hanging around. $ ls -l /run/sshd.pid -rw-r--r-- 1 root staff 6 Feb 15 13:21 /run/sshd.pid I suspect the `staff' group is the issue. Got that way because I have an su shortcut that puts me in uid 0 group 50 for /usr/local update, and I must have restarted sshd with those credentials one time. Should /etc/init.d/ssh set the credentials to create /run/ssh.pid with ? I chgrped the file to root then dpkg --configure worked successfully. -- Dr Peter Chubb Tel: +61 2 9490 5852 http://ts.data61.csiro.au/ Trustworthy Systems Group Data61, CSIRO (formerly NICTA)
