/etc/init.d/ssh gives OK status even if daemon fails to launch

Bug #458476 reported by Lars Noodén
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lsb (Ubuntu)
Invalid
Undecided
Unassigned
openssh (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

Binary package hint: lsb

lsb-base: /lib/lsb/init-functions appears to let the script /etc/init.d/ssh, from package openssh-server, continue with status OK even if the daemon fails to launch.

I can run the script, but no sshd is launched:

$ sudo /etc/init.d/ssh start
 * Starting OpenBSD Secure Shell server sshd [ OK ]
$ pgrep -l sshd || echo Not There
Not There

If I launch sshd manually, it gives me a proper error message:
sudo /usr/sbin/sshd -Dd
debug1: sshd version OpenSSH_5.1p1 Debian-6ubuntu1
[snip]
debug1: Bind to port 22 on 192.168.0.5.
Bind to port 22 on 192.168.0.5 failed: Cannot assign requested address.

I expect that in such a situation /etc/init.d/ssh should show an error, something like this:
$ sudo /etc/init.d/ssh start
 * Starting OpenBSD Secure Shell server sshd [ FAIL]
 Starting sshd failed : Bind to port 22 on 192.168.0.5 failed: Cannot assign requested address.

$ apt-cache policy lsb-base
lsb-base:
  Installed: 4.0-0ubuntu5
  Candidate: 4.0-0ubuntu5
  Version table:
 *** 4.0-0ubuntu5 0
        500 http://fi.archive.ubuntu.com karmic/main Packages
        100 /var/lib/dpkg/status

$ lsb_release -rd
Description: Ubuntu 9.10
Release: 9.10

If someone misconfigures the server and then uses /etc/init.d/ssh to restart the server. They will get locked out (aka denial of service) if they did not plan carefully enough to test which processes are running, that's not something your average sysadmin should be expected to do. The script should work...

ProblemType: Bug
Architecture: i386
Date: Thu Oct 22 22:21:28 2009
DistroRelease: Ubuntu 9.10
Package: lsb-base 4.0-0ubuntu5
PackageArchitecture: all
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 LANGUAGE=
ProcVersionSignature: Ubuntu 2.6.31-14.48-generic
SourcePackage: lsb
Uname: Linux 2.6.31-14-generic i686
XsessionErrors: (polkit-gnome-authentication-agent-1:2635): GLib-CRITICAL **: g_once_init_leave: assertion `initialization_value != 0' failed

Revision history for this message
Lars Noodén (larsnooden) wrote :
Changed in openssh (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Luke A. Perkins (public-a) wrote :

Did you check for the existence of the /run/sshd directory? Is UsePrivilegeSeparation set to yes?

Revision history for this message
Robie Basak (racb) wrote :

I can't reproduce this on Eoan, so I believe this problem is fixed. In particular, since the init.d handling was overhauled when systemd was introduced, it is likely that the code responsible has completely changed and this bug no longer exists. I'm marking as Fix Released accordingly.

Revision history for this message
Robie Basak (racb) wrote :

(if this is wrong, then please provide steps to reproduce on a current Ubuntu release and reopen)

Changed in openssh (Ubuntu):
status: New → Fix Released
Changed in lsb (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.