On 14.04.2024 16:48, Laura Smith wrote:
I am running a simple service to tweak SSHD on first boot (the script is at the bottom of this mail). This is on Debian Bookworm incase it makes any difference.
If I configure my service as:
[Unit]
Description=ITS Generate SSH Server Keys
Wants=ssh.service
Before=ssh.service
[Service]
ExecStart=/usr/bin/bash /path/to/script
Type=oneshot
[Install]
WantedBy=multi-user.target
It never completes. Logging into the server console, "dpkg-reconfigure" just seems to sit there in the backround forever and so SSHD never gets restarted/reloaded.
Meanwhile, if I change the [Service] definition to:
[Service]
ExecStart=/usr/bin/bash /path/to/script
RemainAfterExit=true
Type=exec
"dpkg-reconfigure" appears to do its job correctly, and as a result SSHD gets restarted/reloaded, I can login via SSH and everything is great.
I just don't understand why its doing that.
If whatever your script does involves (re-)starting of sshd service, you
have deadlock with "oneshot" - sshd service cannot proceed until your
service startup completes and your service apparently waits on something
that waits on your own service.
With "exec" your service startup completes right away and does not
prevent sshd service startup.
Laura
My script:
#!/usr/bin/env bash
set -uo pipefail
HAS_RUN_FLAG="/path/to/my.flag"
if [[ ! -f "${HAS_RUN_FLAG}" ]];then
sed -i'' 's/^Subsystem\s*sftp/#&/' /etc/ssh/sshd_config
dpkg-reconfigure openssh-server
touch "${HAS_RUN_FLAG}"
fi
