Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Sep 2015 15:38:14 +0500
From:      "Eugene M. Zheganin" <emz@norma.perm.ru>
To:        stable@freebsd.org
Subject:   Re: when the sshd hits the fan
Message-ID:  <56028116.5080409@norma.perm.ru>
In-Reply-To: <56027AB8.9080301@quip.cz>
References:  <56026686.8030308@norma.perm.ru> <56027AB8.9080301@quip.cz>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi.

On 23.09.2015 15:11, Miroslav Lachman wrote:
> Eugene M. Zheganin wrote on 09/23/2015 10:44:
>> Hi.
>>
>> I'm trying to understand why the sshd still starts after local daemons,
>> out-of-the-box, and what it takes to make this extremely vital service
>> to start before non-system (local) ones. I bet I'm not the first one to
>> ask, so why isn't this already done ? Seems quite easy for me.
>
> I was thinking about this a long time ago and instead of trying to
> change FreeBSD, 
But .... why ?

> I just added one simple file on each of our servers:
>
>
> ~/> cat /usr/local/etc/rc.d/sshd_reorder
> #!/bin/sh
>
> # PROVIDE: sshd_reorder
> # REQUIRE: LOGIN sshd
>
> ## this file is just to start sshd earlier on the boot
> ## mainly before long starting processes like jails, mysql, apache etc.
> ##
> ## place this file in to /usr/local/etc/rc.d/sshd_reorder
> ## and make it executable chmod 0555 /usr/local/etc/rc.d/sshd_reorder
>
>
> It is not perfect, because some services are still started before sshd.
>
Yeah, as I said, workaround is quite simple. But I don't see a single
reason to avoid committing this (or similar) workaround to the official
source tree. This would rid lots of people to reapply this fix during
each upgrade cycle, thus making the life easier.

Eugene.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56028116.5080409>