
Ron / BCLUG via talk said on Tue, 5 Nov 2024 19:09:28 -0800
Steve Litt via talk wrote on 2024-11-01 12:55:
Here's my runit run script for sshd:
=============================
#!/bin/sh
exec 2>&1
ssh-keygen -A > /dev/null 2>&1
[ -r conf ] && . ./conf
exec /usr/bin/sshd -D $OPTS
=============================
The ssh-keygen line generates host keys only if there are none. There's no conf file so the conf line is a no-op. Because there's no ./conf, $OPTS is an empty string. The -D in sshd runs it in the foreground, which is the right way to do things in an init system. A shebang plus four lines. Yeah, it's possible to screw up, but you have to be pretty careless to screw it up.
What does the `exec 2>&1` on a line after the shebang do?
It redirects stderr to stdout, for logging purposes.
How does that script handle restarts?
The script doesn't restart. If you mean restart after crash, the runsvdir program notices the program crashed and restarts it. When that happens, this run script runs again to start sshd. If you mean "how does a human restart it", the command (as root) is:
sv restart sshd
If you want finer control on automatic restarts, you want S6. I don't need control that fine.
If sshd goes down, what happens?
runsvdir loops around all the processes it's supervising, and when one has crashed, it restarts it.
My system will restart on failure unless exit code 255 from sshd occurred:
Restart=on-failure
RestartPreventExitStatus=255
Yeah, for that kind of control, you'd want s6, although you might be able to do it with runit's finish file. I've never tried.

SteveT

Steve Litt
http://444domains.com
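
Added example, not part of the thread: a hypothetical runit finish script for the sshd service that approximates the Restart=on-failure / RestartPreventExitStatus=255 behaviour quoted above. It assumes runsv's documented interface (./finish receives the run script's exit code as $1, and writing d to supervise/control requests "down"); the function name restart_decision is invented for illustration.

```shell
#!/bin/sh
# Hypothetical finish script placed next to the sshd run script
# (added example, not code from the thread).
# runsv calls ./finish with:
#   $1 = exit code of ./run, or -1 if ./run did not exit normally
#   $2 = low byte of the waitpid status (signal number if killed)

# Print "down" when the service should stay stopped, "restart" otherwise.
# Approximates Restart=on-failure plus RestartPreventExitStatus=255:
#   exit code 0    -> no restart (clean exit)
#   exit code 255  -> no restart (the excluded status)
#   anything else  -> restart (other non-zero exit, or -1 for a signal)
restart_decision() {
    case "$1" in
        0|255) echo down ;;
        *)     echo restart ;;
    esac
}

# Act only when running under runsv, i.e. the control FIFO exists
# and an exit code was passed in.
if [ -p supervise/control ] && [ "$#" -ge 1 ]; then
    if [ "$(restart_decision "$1")" = down ]; then
        echo "sshd exited with code $1; leaving service down" >&2
        # 'd' is runsv's "down" control command: do not restart ./run.
        printf d > supervise/control
    fi
fi
```

After a 255 exit the service stays down until an administrator runs sv up sshd, so a broken sshd configuration is not retried in a tight loop.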