Package: openssh-server Version: 1:5.1p1-3 Severity: important
The sshd on this server exits before the boot process in complete on approx 70% of boots on this machine - presumably due to a race condition. It appears to die following the reload by /etc/network/if-up.d/openssh-server when the system is bringing up its network interfaces. The same fault has been observed to occur at least once with the non-openvz standard 2.6.26-1 kernel. The failure stops happening if: .. 'reload' is changed to 'restart' in /etc/network/if-up.d/openssh-server .. The debug level is increased in /etc/ssh/sshd_config (e.g. LogLevel VERBOSE, LogLevel DEBUG etc.) Logging in on the console and issuing an "/etc/init.d/ssh restart" results in a message like "<PID Number> not running". The last message in /var/log/auth.log is of the form: Oct 16 14:58:19 xeon1 sshd[3065]: Server listening on :: port 22. Oct 16 14:58:19 xeon1 sshd[3065]: Server listening on 0.0.0.0 port 22. Oct 16 14:58:19 xeon1 sshd[3065]: Received SIGHUP; restarting. No further messages are then logged by sshd, and nothing is listening on port 22: On the occasions when the server reload work successfully, this is followed immediately by a message of the form: Oct 16 <SAME TIME> xeon1 sshd[<NEWPID>]: Server listening on :: port 22. Oct 16 <SAME TIME> xeon1 sshd[<NEWPID>]: Server listening on 0.0.0.0 port 22. I'm speculating that reciving a SIGHUP at some point is sshd's normal restart process will cause it to fail to respawn (and that this is occuring on this machine when the ifup occurs on eth0, and eth1 in quick succession). Unfortunately on this box at least, turning up debugging causes the symptom to go away... Thanks, Tim. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-openvz-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages openssh-server depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii dpkg 1.14.22 Debian package management system ii libc6 2.7-14 GNU C Library: Shared libraries ii libcomerr2 1.41.2-1 common error description library ii libkrb53 1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries ii libpam-modules 1.0.1-4+b1 Pluggable Authentication Modules f ii libpam-runtime 1.0.1-4 Runtime support for the PAM librar ii libpam0g 1.0.1-4+b1 Pluggable Authentication Modules l ii libselinux1 2.0.65-5 SELinux shared libraries ii libssl0.9.8 0.9.8g-13 SSL shared libraries ii libwrap0 7.6.q-16 Wietse Venema's TCP wrappers libra ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS ii openssh-client 1:5.1p1-3 secure shell client, an rlogin/rsh ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages openssh-server recommends: pn openssh-blacklist-extra <none> (no description available) pn xauth <none> (no description available) Versions of packages openssh-server suggests: pn molly-guard <none> (no description available) pn rssh <none> (no description available) pn ssh-askpass <none> (no description available) -- debconf information: ssh/vulnerable_host_keys: ssh/new_config: true * ssh/use_old_init_script: true ssh/encrypted_host_key_but_no_keygen: ssh/disable_cr_auth: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]