README.Debian.gz instructions for disabling socket activation inaccurate

Bug #2017434 reported by Steve Langasek
This bug affects 2 people
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Fix Released

Bug Description

The documentation about how to roll back socket activation of sshd became inaccurate after version 1:9.0p1-1ubuntu4 when we started using a drop-in file to finalize activation rather than this being configured statically in ssh.service. The drop-in file /etc/systemd/system/ssh.service.d/00-socket.conf must also be removed first.

Related branches

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openssh (Ubuntu):
status: New → Confirmed
Changed in openssh (Ubuntu):
status: Confirmed → Triaged
Steve Langasek (vorlon)
Changed in openssh (Ubuntu):
status: Triaged → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (16.6 KiB)

This bug was fixed in the package openssh - 1:9.2p1-2ubuntu3

openssh (1:9.2p1-2ubuntu3) mantic; urgency=medium

  * Fix upgrade of openssh-server with active ssh session (LP: #2020474)
    - debian/patches/systemd-socket-activation.patch:
      + Do force closing of listen sockets in child process
      + Set rexec_flag = 0 when sshd is socket-activated so that child process
        does not re-exec
    - debian/openssh-server.postint:
      + When upgrading from affected versions of openssh, do not try to
        restart systemd units, and instead indicate that a reboot is required
    - debian/tests/systemd-socket-activation:
      + Reboot the testbed before starting the test
    - debian/rules:
      + Do not stop ssh.socket on upgrade
  * d/p/test-set-UsePAM-no-on-some-tests.patch: set UsePAM=no for some tests

openssh (1:9.2p1-2ubuntu2) mantic; urgency=medium

  * debian/README.Debian: Fix path of addresses.conf drop-in

openssh (1:9.2p1-2ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2018094). Remaining changes:
    - debian/rules: modify dh_installsystemd invocations for
      socket-activated sshd
    - debian/openssh-server.postinst: handle migration of sshd_config options
      to systemd socket options on upgrade.
    - debian/README.Debian: document systemd socket activation.
    - debian/patches/socket-activation-documentation.patch: Document in
      sshd_config(5) that ListenAddress and Port no longer work.
    - debian/openssh-server.templates: include debconf prompt explaining
      when migration cannot happen due to multiple ListenAddress values
    - debian/.gitignore: drop file
    - debian/openssh-server.postrm: remove systemd drop-ins for
      socket-activated sshd on purge
    - debian/openssh-server.ucf-md5sum: Update list of stock sshd_config
      checksums to include those from jammy and kinetic.
    - debian/openssh-server.tmpfile,debian/systemd/ssh.service: Move
      /run/sshd creation out of the systemd unit to a tmpfile config so
      that sshd can be run manually if necessary without having to create
      this directory by hand.
    - debian/patches/systemd-socket-activation.patch: Fix sshd
      re-execution behavior when socket activation is used
    - debian/tests/systemd-socket-activation: Add autopkgtest for systemd socket
      activation functionality.
  * Dropped changes, included in Debian:
    - debian/patches/systemd-socket-activation.patch: Initial implementation
  * New changes:
    - debian/README.Debian: mention drop-in configurations in instructions
      for disabling sshd socket activation (LP: #2017434).
    - debian/openssh-server.ucf-md5sum: update for Ubuntu delta

openssh (1:9.2p1-2) unstable; urgency=medium

  * Fix mistakenly-unreleased entry for 1:9.2p1-1 in debian/NEWS.

openssh (1:9.2p1-1) unstable; urgency=medium

  * Set "UsePAM yes" when running regression tests, to match our default
    sshd configuration.
  * Ignore Lintian error about depending on lsb-base for now, to avoid
    problems with partial upgrades on non-default init systems.
  * New upstream release (
    - [SECURITY] sshd...

Changed in openssh (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.