Re: autossh fails after upgrade to 7.3
On 2023-04-25, rea...@catastrophe.net wrote:
> So if ${daemon} is declared as "autossh", using the built-in
> pexp="${daemon}:.*" would kill off multiple running autossh
> instances.
The idea is that pexp should have a bit more of the command line so
it only matches the process started by that rc script. Using .*
there is not best practice.
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 03:07:19PM -0600, Ashlen wrote:
>rc_exec is a function, not a variable. rc.subr(8) demonstrates how to
>use it. This is what I meant for you to do:
>
>rc_start() {
>rc_exec "${daemon} ${daemon_flags_1}" && \
>rc_exec "${daemon} ${daemon_flags_2}"
>}
Whoops, my fault...I misread what you originally wrote.
rc_exec, as you've posted, works.
Thank you very much, and thanks to all respondents.
Re: autossh fails after upgrade to 7.3
On 2023-04-25 14:20, rea...@catastrophe.net wrote:
> On Tue, Apr 25, 2023 at 01:06:35PM -0600, Ashlen wrote:
> >On 2023-04-25 10:45, rea...@catastrophe.net wrote:
> >> After upgrading to 7.3 autossh is failing using the following rc script
> >> in /etc/rc.d/autossh. It looks like maybe switching to $daemon_user is
> >> not happening to find the correct ssh config stanzas? Thanks in advance
> >> for any help.
> >>
> >>
> >> ## Startup configuration
> >>
> >> #!/bin/ksh
> >> # start autossh tunnel
> >> # requires remoteuser user with $HOME/.ssh/config and keys
> >>
> >> daemon="/usr/local/bin/autossh"
> >> daemon_flags_1="-M 0 -f -N tun-remoteA"
> >> daemon_flags_1="-M 0 -f -N tun-remoteB"
> >> daemon_user="remoteuser"
> >>
> >> . /etc/rc.d/rc.subr
> >>
> >> rc_reload=NO
> >>
> >> pexp="autossh:.*"
> >>
> >> # Child will not return a config parsing error to the parent.
> >> rc_start() {
> >> # use rcexec here since daemon_flags may contain arguments with
> >> spaces
> >> ${rcexec} "${daemon} ${daemon_flags_1}" && \
> >> ${rcexec} "${daemon} ${daemon_flags_1}"
> >> }
> >>
> >> rc_cmd $1
> >
> >${rcexec} was deprecated in 7.2 and dropped in 7.3. You have to use
> >rc_exec now.
> >
> ># sed -i 's/\${rcexec}/rc_exec/' /etc/rc.d/autossh
> >
> >https://www.openbsd.org/faq/upgrade72.html#ConfigChanges
> >https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.159=1.160=h
>
> Thanks for that.
>
> Even after I modified to use rc_exec I'm still getting the same problem of
> not switching to daemon_user . Comments added inline:
>
> # rcctl -d start autossh
> doing _rc_parse_conf
> autossh_flags empty, using default ><
> doing rc_check
> autossh
> doing rc_start
> remoteuser
> ^^ daemon_user is correctly set to "remoteuser"
> doing _rc_wait_for_start
> doing rc_check
> root
> here is where we should see "remoteuser" and not root when
> ^ running "whoami"
> /etc/rc.d/autossh: /usr/local/bin/autossh -M 0 -f -N tun-remoteA: not found
> doing _rc_rm_runfile
> (failed)
>
>
> The modified rc script that yields this output is:
>
> #!/bin/ksh
> # start autossh tunnel
> # requires remoteuser user with $HOME/.ssh/config and keys
>
> daemon="/usr/local/bin/autossh"
> daemon_flags_1="-M 0 -f -N rev-tun-lax"
> daemon_flags_2="-M 0 -f -N rev-tun-ord"
> daemon_user="as2h"
>
> . /etc/rc.d/rc.subr
>
> rc_reload=NO
>
> pexp="autossh:.*"
>
> # Child will not return a config parsing error to the parent.
> rc_start() {
> # use rc_exec here since daemon_flags may contain arguments with
> spaces
> echo ${daemon_user} # prove the variable is
> set here
> ${rc_exec} "/usr/bin/whoami"# show who we are running commands as
> ${rc_exec} "${daemon} ${daemon_flags_1}" && \
> ${rc_exec} "${daemon} ${daemon_flags_2}"
> }
>
> rc_cmd $1
rc_exec is a function, not a variable. rc.subr(8) demonstrates how to
use it. This is what I meant for you to do:
rc_start() {
rc_exec "${daemon} ${daemon_flags_1}" && \
rc_exec "${daemon} ${daemon_flags_2}"
}
Though, I agree with Stuart. It doesn't make much sense to start two
daemons from one rc.d(8) script.
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 02:20:01PM -0500, rea...@catastrophe.net wrote:
> On Tue, Apr 25, 2023 at 01:06:35PM -0600, Ashlen wrote:
> >On 2023-04-25 10:45, rea...@catastrophe.net wrote:
> >> After upgrading to 7.3 autossh is failing using the following rc script
> >> in /etc/rc.d/autossh. It looks like maybe switching to $daemon_user is
> >> not happening to find the correct ssh config stanzas? Thanks in advance
> >> for any help.
> >>
> >>
> >> ## Startup configuration
> >>
> >> #!/bin/ksh
> >> # start autossh tunnel
> >> # requires remoteuser user with $HOME/.ssh/config and keys
> >>
> >> daemon="/usr/local/bin/autossh"
> >> daemon_flags_1="-M 0 -f -N tun-remoteA"
> >> daemon_flags_1="-M 0 -f -N tun-remoteB"
> >> daemon_user="remoteuser"
> >>
> >> . /etc/rc.d/rc.subr
> >>
> >> rc_reload=NO
> >>
> >> pexp="autossh:.*"
> >>
> >> # Child will not return a config parsing error to the parent.
> >> rc_start() {
> >> # use rcexec here since daemon_flags may contain arguments with
> >> spaces
> >> ${rcexec} "${daemon} ${daemon_flags_1}" && \
> >> ${rcexec} "${daemon} ${daemon_flags_1}"
> >> }
> >>
> >> rc_cmd $1
> >
> >${rcexec} was deprecated in 7.2 and dropped in 7.3. You have to use
> >rc_exec now.
> >
> ># sed -i 's/\${rcexec}/rc_exec/' /etc/rc.d/autossh
> >
> >https://www.openbsd.org/faq/upgrade72.html#ConfigChanges
> >https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.159=1.160=h
>
> Thanks for that.
>
> Even after I modified to use rc_exec I'm still getting the same problem of
> not switching to daemon_user . Comments added inline:
Your script below suggests you did not make that change.
> # rcctl -d start autossh
> doing _rc_parse_conf
> autossh_flags empty, using default ><
> doing rc_check
> autossh
> doing rc_start
> remoteuser
> ^^ daemon_user is correctly set to "remoteuser"
> doing _rc_wait_for_start
> doing rc_check
> root
> here is where we should see "remoteuser" and not root when
> ^ running "whoami"
> /etc/rc.d/autossh: /usr/local/bin/autossh -M 0 -f -N tun-remoteA: not found
> doing _rc_rm_runfile
> (failed)
>
>
> The modified rc script that yields this output is:
>
> #!/bin/ksh
> # start autossh tunnel
> # requires remoteuser user with $HOME/.ssh/config and keys
>
> daemon="/usr/local/bin/autossh"
> daemon_flags_1="-M 0 -f -N rev-tun-lax"
> daemon_flags_2="-M 0 -f -N rev-tun-ord"
> daemon_user="as2h"
>
> . /etc/rc.d/rc.subr
>
> rc_reload=NO
>
> pexp="autossh:.*"
>
> # Child will not return a config parsing error to the parent.
> rc_start() {
> # use rc_exec here since daemon_flags may contain arguments with
> spaces
> echo ${daemon_user} # prove the variable is
> set here
> ${rc_exec} "/usr/bin/whoami"# show who we are running commands as
> ${rc_exec} "${daemon} ${daemon_flags_1}" && \
> ${rc_exec} "${daemon} ${daemon_flags_2}"
> }
>
> rc_cmd $1
>
>
--
Antoine
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 07:18:12PM -, Stuart Henderson wrote:
>On 2023-04-25, rea...@catastrophe.net wrote:
>> On Tue, Apr 25, 2023 at 08:32:35PM +0200, Antoine Jacoutot wrote:
[..]
>
>So let's ignore this ls -l red herring, which cannot have worked
>in 7.2 either (I think you might have meant to type ~${daemon_user}
>or something, but anyway..)
>
>The rc.d subsystem is really intended for internal use by system
>daemons, ports, etc. As such, changes are sometimes made to how
>it works, and everything is updated in ports/base as necessary,
>but if you're writing your own you will need to keep track of
>those changes yourself.
>
>I think what you're missing are these two commits:
Thanks for these.
>
>
>revision 1.153
>date: 2022/05/21 10:50:09; author: ajacoutot; state: Exp; lines: +13 -6;
>commitid: iyDYBSL549hXuvMg;
>Replace the $rcexec variable by an rc_exec function.
>It is much cleaner to the eyes and makes more sense from a functionnal point of
>view.
>This will allow to extend rc_exec with other functionnalities (like upcoming
>rc_startdir).
>Bonus point: daemon_logger will now work with manually crafted rc_start
>functions.
>
>This will require a mechanical change from ${rcexec} to rc_exec in rc.d
>scripts.
>ports will be fixed right after this commit but we will keep compatibility to
>give a chance to people to fix their custom scripts.
>
>positive tests from a few
>ok robert@
>
>
>
>revision 1.160
>date: 2022/10/19 21:04:45; author: ajacoutot; state: Exp; lines: +1 -3;
>commitid: A78P0jfG7qlNxhdx;
>Drop support for $rcexec; people should now use the rc_exec function.
>
>prodded by jsg@
>
>
>though FWIW I think this should be split into two scripts,
>the subsystem isn't geared up to handle one script dealing with
>two separate daemons. (or alternatively what I normally do when
>I use autossh here is to add @reboot cron jobs)...
I don't disagree it should be two separate scripts, but I haven't
found a way to gracefully start/stop separate instances of autossh
since it forks into a separate process.
So if ${daemon} is declared as "autossh", using the built-in
pexp="${daemon}:.*" would kill off multiple running autossh
instances.
Running these out of rc, rather than cron, I find to be a bit more
graceful during network hiccups.
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 01:06:35PM -0600, Ashlen wrote:
>On 2023-04-25 10:45, rea...@catastrophe.net wrote:
>> After upgrading to 7.3 autossh is failing using the following rc script
>> in /etc/rc.d/autossh. It looks like maybe switching to $daemon_user is
>> not happening to find the correct ssh config stanzas? Thanks in advance
>> for any help.
>>
>>
>> ## Startup configuration
>>
>> #!/bin/ksh
>> # start autossh tunnel
>> # requires remoteuser user with $HOME/.ssh/config and keys
>>
>> daemon="/usr/local/bin/autossh"
>> daemon_flags_1="-M 0 -f -N tun-remoteA"
>> daemon_flags_1="-M 0 -f -N tun-remoteB"
>> daemon_user="remoteuser"
>>
>> . /etc/rc.d/rc.subr
>>
>> rc_reload=NO
>>
>> pexp="autossh:.*"
>>
>> # Child will not return a config parsing error to the parent.
>> rc_start() {
>> # use rcexec here since daemon_flags may contain arguments with
>> spaces
>> ${rcexec} "${daemon} ${daemon_flags_1}" && \
>> ${rcexec} "${daemon} ${daemon_flags_1}"
>> }
>>
>> rc_cmd $1
>
>${rcexec} was deprecated in 7.2 and dropped in 7.3. You have to use
>rc_exec now.
>
># sed -i 's/\${rcexec}/rc_exec/' /etc/rc.d/autossh
>
>https://www.openbsd.org/faq/upgrade72.html#ConfigChanges
>https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.159=1.160=h
Thanks for that.
Even after I modified to use rc_exec I'm still getting the same problem of
not switching to daemon_user . Comments added inline:
# rcctl -d start autossh
doing _rc_parse_conf
autossh_flags empty, using default ><
doing rc_check
autossh
doing rc_start
remoteuser
^^ daemon_user is correctly set to "remoteuser"
doing _rc_wait_for_start
doing rc_check
root
here is where we should see "remoteuser" and not root when
^ running "whoami"
/etc/rc.d/autossh: /usr/local/bin/autossh -M 0 -f -N tun-remoteA: not found
doing _rc_rm_runfile
(failed)
The modified rc script that yields this output is:
#!/bin/ksh
# start autossh tunnel
# requires remoteuser user with $HOME/.ssh/config and keys
daemon="/usr/local/bin/autossh"
daemon_flags_1="-M 0 -f -N rev-tun-lax"
daemon_flags_2="-M 0 -f -N rev-tun-ord"
daemon_user="as2h"
. /etc/rc.d/rc.subr
rc_reload=NO
pexp="autossh:.*"
# Child will not return a config parsing error to the parent.
rc_start() {
# use rc_exec here since daemon_flags may contain arguments with spaces
echo ${daemon_user} # prove the variable is
set here
${rc_exec} "/usr/bin/whoami"# show who we are running commands as
${rc_exec} "${daemon} ${daemon_flags_1}" && \
${rc_exec} "${daemon} ${daemon_flags_2}"
}
rc_cmd $1
Re: autossh fails after upgrade to 7.3
On 2023-04-25, rea...@catastrophe.net wrote:
> On Tue, Apr 25, 2023 at 08:32:35PM +0200, Antoine Jacoutot wrote:
>>On Tue, Apr 25, 2023 at 01:16:22PM -0500, rea...@catastrophe.net wrote:
>>> On Tue, Apr 25, 2023 at 08:09:46PM +0200, Antoine Jacoutot wrote:
>>> >On Tue, Apr 25, 2023 at 12:41:41PM -0500, rea...@catastrophe.net wrote:
>>> >> On Tue, Apr 25, 2023 at 12:03:51PM -0500, rea...@catastrophe.net wrote:
>>> >> >On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
>>> >> >> [..]
>>> >> >> [ some bad paste ]
>>> >> >
>>> >> >Just a clarification: the rc script in /etc/rc.d/autossh actually looks
>>> >> >like
>>> >> >
>>> >> >#!/bin/ksh
>>> >> ># start autossh tunnel
>>> >> ># requires remoteuser user with $HOME/.ssh/config and keys
>>> >> >
>>> >> >daemon="/usr/local/bin/autossh"
>>> >> >daemon_flags_1="-M 0 -f -N tun-remoteA"
>>> >> >daemon_flags_2="-M 0 -f -N tun-remoteB"
>>> >> >daemon_user="remoteuser"
>>> >> >
>>> >> >. /etc/rc.d/rc.subr
>>> >> >
>>> >> >rc_reload=NO
>>> >> >
>>> >> >pexp="autossh:.*"
>>> >> >
>>> >> ># Child will not return a config parsing error to the parent.
>>> >> >rc_start() {
>>> >> ># use rcexec here since daemon_flags may contain arguments with
>>> >> > spaces
>>> >> >${rcexec} "${daemon} ${daemon_flags_1}" && \
>>> >> >${rcexec} "${daemon} ${daemon_flags_2}"
>>> >> >}
>>> >> >
>>> >> >rc_cmd $1
>>> >>
>>> >>
>>> >> So tracking this down a bit more, if I modify the rc script to just
>>> >> list remoteuser's ~/.ssh/config file issues arise
>>> >
>>> >That's not what the script does from what I can see.
>>> >
>>> >> rc_start() {
>>> >> # use rcexec here since daemon_flags may contain arguments with
>>> >> spaces
>>> >> ls -l ${daemon_user}/.ssh/config
>>> >> #${rcexec} "${daemon} ${daemon_flags_1}" && \
>>> >> #${rcexec} "${daemon} ${daemon_flags_2}"
>>> >> }
>>> >>
>>> >> # rcctl -d start autossh
>>> >> doing _rc_parse_conf
>>> >> autossh_flags empty, using default ><
>>> >> doing rc_check
>>> >> autossh
>>> >> doing rc_start
>>> >> doing _rc_wait_for_start
>>> >> doing rc_check
>>> >> ls: remoteuser/.ssh/config: No such file or directory
>>> >> doing _rc_rm_runfile
>>> >> (failed)
>>> >
>>> >Well it's doing exactly what you are telling it to do.
>>> >Not sure I understand what you mean.
>>>
>>> You missed the second part where I said:
>>>
>>> But if I add prepend "/home" to ${daemon_user}, it works as expected.
>>>
>>
>>I didn't miss anything.
>>
>>"ls -l ${daemon_user}/.ssh/config"
>>Which translate to "ls remoteuser/.ssh/config".
>>That file does not exist (it's not an absolute path so if you run it from
>>anywhere other than /home, then it won't be found).
>>
>>When you append /home you are doing:
>>"ls -l /home/${daemon_user}/.ssh/config" which translate to an absolute path:
>>/home/remoteuser/.ssh/config.
>
> Yes, that's exactly correct and I was showing that, somewhere along the way
> from 7.2 to 7.3, something changed to break the original rc script I
> posted and that which is quoted at the top of this mail.
So let's ignore this ls -l red herring, which cannot have worked
in 7.2 either (I think you might have meant to type ~${daemon_user}
or something, but anyway..)
The rc.d subsystem is really intended for internal use by system
daemons, ports, etc. As such, changes are sometimes made to how
it works, and everything is updated in ports/base as necessary,
but if you're writing your own you will need to keep track of
those changes yourself.
I think what you're missing are these two commits:
revision 1.153
date: 2022/05/21 10:50:09; author: ajacoutot; state: Exp; lines: +13 -6;
commitid: iyDYBSL549hXuvMg;
Replace the $rcexec variable by an rc_exec function.
It is much cleaner to the eyes and makes more sense from a functionnal point of
view.
This will allow to extend rc_exec with other functionnalities (like upcoming
rc_startdir).
Bonus point: daemon_logger will now work with manually crafted rc_start
functions.
This will require a mechanical change from ${rcexec} to rc_exec in rc.d scripts.
ports will be fixed right after this commit but we will keep compatibility to
give a chance to people to fix their custom scripts.
positive tests from a few
ok robert@
revision 1.160
date: 2022/10/19 21:04:45; author: ajacoutot; state: Exp; lines: +1 -3;
commitid: A78P0jfG7qlNxhdx;
Drop support for $rcexec; people should now use the rc_exec function.
prodded by jsg@
though FWIW I think this should be split into two scripts,
the subsystem isn't geared up to handle one script dealing with
two separate daemons. (or alternatively what I normally do when
I use autossh here is to add @reboot cron jobs)...
Re: autossh fails after upgrade to 7.3
On 2023-04-25 10:45, rea...@catastrophe.net wrote:
> After upgrading to 7.3 autossh is failing using the following rc script
> in /etc/rc.d/autossh. It looks like maybe switching to $daemon_user is
> not happening to find the correct ssh config stanzas? Thanks in advance
> for any help.
>
>
> ## Startup configuration
>
> #!/bin/ksh
> # start autossh tunnel
> # requires remoteuser user with $HOME/.ssh/config and keys
>
> daemon="/usr/local/bin/autossh"
> daemon_flags_1="-M 0 -f -N tun-remoteA"
> daemon_flags_1="-M 0 -f -N tun-remoteB"
> daemon_user="remoteuser"
>
> . /etc/rc.d/rc.subr
>
> rc_reload=NO
>
> pexp="autossh:.*"
>
> # Child will not return a config parsing error to the parent.
> rc_start() {
> # use rcexec here since daemon_flags may contain arguments with spaces
> ${rcexec} "${daemon} ${daemon_flags_1}" && \
> ${rcexec} "${daemon} ${daemon_flags_1}"
> }
>
> rc_cmd $1
${rcexec} was deprecated in 7.2 and dropped in 7.3. You have to use
rc_exec now.
# sed -i 's/\${rcexec}/rc_exec/' /etc/rc.d/autossh
https://www.openbsd.org/faq/upgrade72.html#ConfigChanges
https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc/rc.d/rc.subr.diff?r1=1.159=1.160=h
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 08:32:35PM +0200, Antoine Jacoutot wrote:
>On Tue, Apr 25, 2023 at 01:16:22PM -0500, rea...@catastrophe.net wrote:
>> On Tue, Apr 25, 2023 at 08:09:46PM +0200, Antoine Jacoutot wrote:
>> >On Tue, Apr 25, 2023 at 12:41:41PM -0500, rea...@catastrophe.net wrote:
>> >> On Tue, Apr 25, 2023 at 12:03:51PM -0500, rea...@catastrophe.net wrote:
>> >> >On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
>> >> >> [..]
>> >> >> [ some bad paste ]
>> >> >
>> >> >Just a clarification: the rc script in /etc/rc.d/autossh actually looks
>> >> >like
>> >> >
>> >> >#!/bin/ksh
>> >> ># start autossh tunnel
>> >> ># requires remoteuser user with $HOME/.ssh/config and keys
>> >> >
>> >> >daemon="/usr/local/bin/autossh"
>> >> >daemon_flags_1="-M 0 -f -N tun-remoteA"
>> >> >daemon_flags_2="-M 0 -f -N tun-remoteB"
>> >> >daemon_user="remoteuser"
>> >> >
>> >> >. /etc/rc.d/rc.subr
>> >> >
>> >> >rc_reload=NO
>> >> >
>> >> >pexp="autossh:.*"
>> >> >
>> >> ># Child will not return a config parsing error to the parent.
>> >> >rc_start() {
>> >> ># use rcexec here since daemon_flags may contain arguments with
>> >> > spaces
>> >> >${rcexec} "${daemon} ${daemon_flags_1}" && \
>> >> >${rcexec} "${daemon} ${daemon_flags_2}"
>> >> >}
>> >> >
>> >> >rc_cmd $1
>> >>
>> >>
>> >> So tracking this down a bit more, if I modify the rc script to just
>> >> list remoteuser's ~/.ssh/config file issues arise
>> >
>> >That's not what the script does from what I can see.
>> >
>> >> rc_start() {
>> >> # use rcexec here since daemon_flags may contain arguments with
>> >> spaces
>> >> ls -l ${daemon_user}/.ssh/config
>> >> #${rcexec} "${daemon} ${daemon_flags_1}" && \
>> >> #${rcexec} "${daemon} ${daemon_flags_2}"
>> >> }
>> >>
>> >> # rcctl -d start autossh
>> >> doing _rc_parse_conf
>> >> autossh_flags empty, using default ><
>> >> doing rc_check
>> >> autossh
>> >> doing rc_start
>> >> doing _rc_wait_for_start
>> >> doing rc_check
>> >> ls: remoteuser/.ssh/config: No such file or directory
>> >> doing _rc_rm_runfile
>> >> (failed)
>> >
>> >Well it's doing exactly what you are telling it to do.
>> >Not sure I understand what you mean.
>>
>> You missed the second part where I said:
>>
>> But if I add prepend "/home" to ${daemon_user}, it works as expected.
>>
>
>I didn't miss anything.
>
>"ls -l ${daemon_user}/.ssh/config"
>Which translate to "ls remoteuser/.ssh/config".
>That file does not exist (it's not an absolute path so if you run it from
>anywhere other than /home, then it won't be found).
>
>When you append /home you are doing:
>"ls -l /home/${daemon_user}/.ssh/config" which translate to an absolute path:
>/home/remoteuser/.ssh/config.
Yes, that's exactly correct and I was showing that, somewhere along the way
from 7.2 to 7.3, something changed to break the original rc script I
posted and that which is quoted at the top of this mail.
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 01:16:22PM -0500, rea...@catastrophe.net wrote:
> On Tue, Apr 25, 2023 at 08:09:46PM +0200, Antoine Jacoutot wrote:
> >On Tue, Apr 25, 2023 at 12:41:41PM -0500, rea...@catastrophe.net wrote:
> >> On Tue, Apr 25, 2023 at 12:03:51PM -0500, rea...@catastrophe.net wrote:
> >> >On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
> >> >> [..]
> >> >> [ some bad paste ]
> >> >
> >> >Just a clarification: the rc script in /etc/rc.d/autossh actually looks
> >> >like
> >> >
> >> >#!/bin/ksh
> >> ># start autossh tunnel
> >> ># requires remoteuser user with $HOME/.ssh/config and keys
> >> >
> >> >daemon="/usr/local/bin/autossh"
> >> >daemon_flags_1="-M 0 -f -N tun-remoteA"
> >> >daemon_flags_2="-M 0 -f -N tun-remoteB"
> >> >daemon_user="remoteuser"
> >> >
> >> >. /etc/rc.d/rc.subr
> >> >
> >> >rc_reload=NO
> >> >
> >> >pexp="autossh:.*"
> >> >
> >> ># Child will not return a config parsing error to the parent.
> >> >rc_start() {
> >> ># use rcexec here since daemon_flags may contain arguments with
> >> > spaces
> >> >${rcexec} "${daemon} ${daemon_flags_1}" && \
> >> >${rcexec} "${daemon} ${daemon_flags_2}"
> >> >}
> >> >
> >> >rc_cmd $1
> >>
> >>
> >> So tracking this down a bit more, if I modify the rc script to just
> >> list remoteuser's ~/.ssh/config file issues arise
> >
> >That's not what the script does from what I can see.
> >
> >> rc_start() {
> >> # use rcexec here since daemon_flags may contain arguments with
> >> spaces
> >> ls -l ${daemon_user}/.ssh/config
> >> #${rcexec} "${daemon} ${daemon_flags_1}" && \
> >> #${rcexec} "${daemon} ${daemon_flags_2}"
> >> }
> >>
> >> # rcctl -d start autossh
> >> doing _rc_parse_conf
> >> autossh_flags empty, using default ><
> >> doing rc_check
> >> autossh
> >> doing rc_start
> >> doing _rc_wait_for_start
> >> doing rc_check
> >> ls: remoteuser/.ssh/config: No such file or directory
> >> doing _rc_rm_runfile
> >> (failed)
> >
> >Well it's doing exactly what you are telling it to do.
> >Not sure I understand what you mean.
>
> You missed the second part where I said:
>
> But if I add prepend "/home" to ${daemon_user}, it works as expected.
>
I didn't miss anything.
"ls -l ${daemon_user}/.ssh/config"
Which translate to "ls remoteuser/.ssh/config".
That file does not exist (it's not an absolute path so if you run it from
anywhere other than /home, then it won't be found).
When you append /home you are doing:
"ls -l /home/${daemon_user}/.ssh/config" which translate to an absolute path:
/home/remoteuser/.ssh/config.
--
Antoine
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 08:09:46PM +0200, Antoine Jacoutot wrote:
>On Tue, Apr 25, 2023 at 12:41:41PM -0500, rea...@catastrophe.net wrote:
>> On Tue, Apr 25, 2023 at 12:03:51PM -0500, rea...@catastrophe.net wrote:
>> >On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
>> >> [..]
>> >> [ some bad paste ]
>> >
>> >Just a clarification: the rc script in /etc/rc.d/autossh actually looks like
>> >
>> >#!/bin/ksh
>> ># start autossh tunnel
>> ># requires remoteuser user with $HOME/.ssh/config and keys
>> >
>> >daemon="/usr/local/bin/autossh"
>> >daemon_flags_1="-M 0 -f -N tun-remoteA"
>> >daemon_flags_2="-M 0 -f -N tun-remoteB"
>> >daemon_user="remoteuser"
>> >
>> >. /etc/rc.d/rc.subr
>> >
>> >rc_reload=NO
>> >
>> >pexp="autossh:.*"
>> >
>> ># Child will not return a config parsing error to the parent.
>> >rc_start() {
>> ># use rcexec here since daemon_flags may contain arguments with
>> > spaces
>> >${rcexec} "${daemon} ${daemon_flags_1}" && \
>> >${rcexec} "${daemon} ${daemon_flags_2}"
>> >}
>> >
>> >rc_cmd $1
>>
>>
>> So tracking this down a bit more, if I modify the rc script to just
>> list remoteuser's ~/.ssh/config file issues arise
>
>That's not what the script does from what I can see.
>
>> rc_start() {
>> # use rcexec here since daemon_flags may contain arguments with
>> spaces
>> ls -l ${daemon_user}/.ssh/config
>> #${rcexec} "${daemon} ${daemon_flags_1}" && \
>> #${rcexec} "${daemon} ${daemon_flags_2}"
>> }
>>
>> # rcctl -d start autossh
>> doing _rc_parse_conf
>> autossh_flags empty, using default ><
>> doing rc_check
>> autossh
>> doing rc_start
>> doing _rc_wait_for_start
>> doing rc_check
>> ls: remoteuser/.ssh/config: No such file or directory
>> doing _rc_rm_runfile
>> (failed)
>
>Well it's doing exactly what you are telling it to do.
>Not sure I understand what you mean.
You missed the second part where I said:
But if I add prepend "/home" to ${daemon_user}, it works as expected.
rc_start() {
# use rcexec here since daemon_flags may contain arguments with spaces
ls -l /home/${daemon_user}/.ssh/config
#${rcexec} "${daemon} ${daemon_flags_1}" && \
#${rcexec} "${daemon} ${daemon_flags_2}"
}
So my question is why was "/home/remoteuser" passed in 7.2 but is
not, now? Is it autossh that is the problem?
Thanks.
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 12:41:41PM -0500, rea...@catastrophe.net wrote:
> On Tue, Apr 25, 2023 at 12:03:51PM -0500, rea...@catastrophe.net wrote:
> >On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
> >> [..]
> >> [ some bad paste ]
> >
> >Just a clarification: the rc script in /etc/rc.d/autossh actually looks like
> >
> >#!/bin/ksh
> ># start autossh tunnel
> ># requires remoteuser user with $HOME/.ssh/config and keys
> >
> >daemon="/usr/local/bin/autossh"
> >daemon_flags_1="-M 0 -f -N tun-remoteA"
> >daemon_flags_2="-M 0 -f -N tun-remoteB"
> >daemon_user="remoteuser"
> >
> >. /etc/rc.d/rc.subr
> >
> >rc_reload=NO
> >
> >pexp="autossh:.*"
> >
> ># Child will not return a config parsing error to the parent.
> >rc_start() {
> ># use rcexec here since daemon_flags may contain arguments with
> > spaces
> >${rcexec} "${daemon} ${daemon_flags_1}" && \
> >${rcexec} "${daemon} ${daemon_flags_2}"
> >}
> >
> >rc_cmd $1
>
>
> So tracking this down a bit more, if I modify the rc script to just
> list remoteuser's ~/.ssh/config file issues arise
That's not what the script does from what I can see.
> rc_start() {
> # use rcexec here since daemon_flags may contain arguments with spaces
> ls -l ${daemon_user}/.ssh/config
> #${rcexec} "${daemon} ${daemon_flags_1}" && \
> #${rcexec} "${daemon} ${daemon_flags_2}"
> }
>
> # rcctl -d start autossh
> doing _rc_parse_conf
> autossh_flags empty, using default ><
> doing rc_check
> autossh
> doing rc_start
> doing _rc_wait_for_start
> doing rc_check
> ls: remoteuser/.ssh/config: No such file or directory
> doing _rc_rm_runfile
> (failed)
Well it's doing exactly what you are telling it to do.
Not sure I understand what you mean.
--
Antoine
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 12:03:51PM -0500, rea...@catastrophe.net wrote:
>On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
>> [..]
>> [ some bad paste ]
>
>Just a clarification: the rc script in /etc/rc.d/autossh actually looks like
>
>#!/bin/ksh
># start autossh tunnel
># requires remoteuser user with $HOME/.ssh/config and keys
>
>daemon="/usr/local/bin/autossh"
>daemon_flags_1="-M 0 -f -N tun-remoteA"
>daemon_flags_2="-M 0 -f -N tun-remoteB"
>daemon_user="remoteuser"
>
>. /etc/rc.d/rc.subr
>
>rc_reload=NO
>
>pexp="autossh:.*"
>
># Child will not return a config parsing error to the parent.
>rc_start() {
># use rcexec here since daemon_flags may contain arguments with spaces
>${rcexec} "${daemon} ${daemon_flags_1}" && \
>${rcexec} "${daemon} ${daemon_flags_2}"
>}
>
>rc_cmd $1
So tracking this down a bit more, if I modify the rc script to just
list remoteuser's ~/.ssh/config file issues arise
rc_start() {
# use rcexec here since daemon_flags may contain arguments with spaces
ls -l ${daemon_user}/.ssh/config
#${rcexec} "${daemon} ${daemon_flags_1}" && \
#${rcexec} "${daemon} ${daemon_flags_2}"
}
# rcctl -d start autossh
doing _rc_parse_conf
autossh_flags empty, using default ><
doing rc_check
autossh
doing rc_start
doing _rc_wait_for_start
doing rc_check
ls: remoteuser/.ssh/config: No such file or directory
doing _rc_rm_runfile
(failed)
But if I add prepend "/home" to ${daemon_user}, it works as expected.
rc_start() {
# use rcexec here since daemon_flags may contain arguments with spaces
ls -l /home/${daemon_user}/.ssh/config
#${rcexec} "${daemon} ${daemon_flags_1}" && \
#${rcexec} "${daemon} ${daemon_flags_2}"
}
# rcctl -d start autossh
doing _rc_parse_conf
autossh_flags empty, using default ><
doing rc_check
autossh
doing rc_start
doing _rc_wait_for_start
doing rc_check
-r 1 remoteuser users 459 Mar 16 2022 /home/remoteuser/.ssh/config
doing _rc_write_runfile
(ok)
So I'm back to asking if something changed with the way rc.d handles
$daemon_user and if there is any way to resolve the issue (short of
hard-coding everything behind rcexec in the startup?
Thanks.
Re: autossh fails after upgrade to 7.3
On Tue, Apr 25, 2023 at 10:45:21AM -0500, rea...@catastrophe.net wrote:
> [..]
> [ some bad paste ]
Just a clarification: the rc script in /etc/rc.d/autossh actually looks like
#!/bin/ksh
# start autossh tunnel
# requires remoteuser user with $HOME/.ssh/config and keys
daemon="/usr/local/bin/autossh"
daemon_flags_1="-M 0 -f -N tun-remoteA"
daemon_flags_2="-M 0 -f -N tun-remoteB"
daemon_user="remoteuser"
. /etc/rc.d/rc.subr
rc_reload=NO
pexp="autossh:.*"
# Child will not return a config parsing error to the parent.
rc_start() {
# use rcexec here since daemon_flags may contain arguments with spaces
${rcexec} "${daemon} ${daemon_flags_1}" && \
${rcexec} "${daemon} ${daemon_flags_2}"
}
rc_cmd $1
[..]
autossh fails after upgrade to 7.3
After upgrading to 7.3 autossh is failing using the following rc script
in /etc/rc.d/autossh. It looks like maybe switching to $daemon_user is
not happening to find the correct ssh config stanzas? Thanks in advance
for any help.
## Startup configuration
#!/bin/ksh
# start autossh tunnel
# requires remoteuser user with $HOME/.ssh/config and keys
daemon="/usr/local/bin/autossh"
daemon_flags_1="-M 0 -f -N tun-remoteA"
daemon_flags_1="-M 0 -f -N tun-remoteB"
daemon_user="remoteuser"
. /etc/rc.d/rc.subr
rc_reload=NO
pexp="autossh:.*"
# Child will not return a config parsing error to the parent.
rc_start() {
# use rcexec here since daemon_flags may contain arguments with spaces
${rcexec} "${daemon} ${daemon_flags_1}" && \
${rcexec} "${daemon} ${daemon_flags_1}"
}
rc_cmd $1
## User config
SSH config for the user in ~remoteuser/.ssh/config everything looks good and
nothing has changed on this since being on 7.2.
Host tun-remoteA
HostName remoteA.example.org
AddressFamily inet
User remoteuser
IdentityFile /home/remoteuser/.ssh/id_rsa
RemoteForward 32220 localhost:22
ServerAliveInterval 15
ServerAliveCountMax 3
ExitOnForwardFailure yes
Host tun-remoteB
HostName remoteB.example.org
AddressFamily inet
User remoteuser
IdentityFile /home/remoteuser/.ssh/id_rsa
RemoteForward 32220 localhost:22
ServerAliveInterval 15
ServerAliveCountMax 3
ExitOnForwardFailure yes
## Startup showing failure
# rcctl -d start autossh
doing _rc_parse_conf
autossh_flags empty, using default ><
doing rc_check
autossh
doing rc_start
/etc/rc.d/autossh: /usr/local/bin/autossh -M 0 -f -N tun-remoteA: not found
doing _rc_wait_for_start
doing _rc_rm_runfile
(failed)
# echo $?
1
## Checking that the ssh config for the user works on local to remoteA
# uname -a
OpenBSD local 7.3 GENERIC.MP#1125 amd64
# su -l remoteuser
remoteuser$ ssh tun-remoteA
Last login: Tue Apr 25 10:14:51 2023 from 10.10.10.10
OpenBSD 7.3 (GENERIC) #1072: Sat Mar 25 10:26:08 MDT 2023
remoteA$ uname -a
OpenBSD remoteA 7.3 GENERIC#1072 amd64
