On 5/28/24 12:14 AM, Roberto Ragusa wrote:
The interesting topic on the table is the robustness (or lack of) of the sshd daemon during an upgrade of its binaries and libraries. That daemon is critical for remotely managed systems and the developers usually take care of the implementation quality. Never noticed that you can "systemctl restart sshd" without losing existing ssh connections?
How is that relevant? Restarting sshd doesn't touch existing ssh client processes.
The answer to why is sshd failing to fork during ssl libs upgrade is worth investigating.
No, it's not, because there is no expectation of that happening. There is no means to even do this in any reasonable way.
It may lead to something to fix in the sshd code or in the way openssh is patched/packaged.
There is nothing to fix. The ssh process has already loaded the libraries, so it won't crash if you replace them. After you upgrade the libraries, you just need to restart it to get the new ones loaded. Any existing connections will still be processes running with the old libraries. What exactly are you expecting?
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
