Page MenuHomeFreeBSD
Differential D35109

freebsd-update: restart sshd after upgrade
ClosedPublic
Actions

Authored by emaste on May 2 2022, 5:19 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Oct 15, 6:16 AM
Unknown Object (File)
Wed, Oct 15, 4:18 AM
Unknown Object (File)
Sat, Oct 11, 11:15 AM
Unknown Object (File)
Sat, Oct 11, 11:15 AM
Unknown Object (File)
Sat, Oct 11, 11:15 AM
Unknown Object (File)
Sat, Oct 11, 3:16 AM
Unknown Object (File)
Sat, Sep 20, 12:56 PM
Unknown Object (File)
Fri, Sep 19, 2:38 AM
View All Files
Subscribers
imp
releng
secteam

Details

Reviewers
cperciva
kevans
gjb
Commits
rGb296e60ed35e: freebsd-update: restart sshd after upgrade
rG6cd1bc531609: freebsd-update: restart sshd after upgrade
Summary

Sometimes the parent-child sshd protocol changes during an upgrade, and
when this happens sshd will not accept new connections until it is
restarted.

PR: 263489

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

emaste requested review of this revision.May 2 2022, 5:19 PM
emaste created this revision.
emaste added a reviewer: kevans.May 2 2022, 5:25 PM
gjb accepted this revision.May 2 2022, 5:26 PM
This revision is now accepted and ready to land.May 2 2022, 5:26 PM
kevans accepted this revision.May 2 2022, 5:40 PM
cperciva added a comment.May 2 2022, 6:25 PM

Dumb question, I'm sure, but doesn't restarting sshd kill current ssh sessions?

emaste added a comment.May 2 2022, 6:27 PM

Dumb question, I'm sure, but doesn't restarting sshd kill current ssh sessions?

Not a dumb question! It does not. The parent sshd process restarts, but it does not kill any of the children handling already-accepted connections.

emaste added a comment.May 2 2022, 6:30 PM

Will change the comment to

# Restart sshd if running (PR263489).  Note that this does not
# affect child sshd processes handling existing sessions.
gjb added a comment.May 2 2022, 6:34 PM
In D35109#795779, @emaste wrote:

Dumb question, I'm sure, but doesn't restarting sshd kill current ssh sessions?

Not a dumb question! It does not. The parent sshd process restarts, but it does not kill any of the children handling already-accepted connections.

Right. The only time I have ever seen sshd terminate an active connection is when reloading pf(4) rules or restarting pf(4).

cperciva added a comment.May 2 2022, 6:34 PM

Thanks! I was having nightmares of ssh sessions being terminated and leaving people with half-upgraded systems which they couldn't ssh into.

cperciva added a comment.May 2 2022, 6:36 PM

Right. The only time I have ever seen sshd terminate an active connection is when reloading pf(4) rules or restarting pf(4).

Ah, that's probably what I was thinking of. I know I've locked myself out of a system in the past by trying to restart something, and now I'm forever paranoid.

Closed by commit rG6cd1bc531609: freebsd-update: restart sshd after upgrade (authored by emaste). · Explain WhyMay 2 2022, 6:39 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG6cd1bc531609: freebsd-update: restart sshd after upgrade.
Herald added a subscriber: imp. · View Herald TranscriptMay 2 2022, 6:39 PM
eugen_grosbein.net added a commit: rGb296e60ed35e: freebsd-update: restart sshd after upgrade.Dec 10 2022, 5:02 AM
des mentioned this in D53061: sendmail: Restart sendmail service on package upgrade.Mon, Oct 13, 7:48 PM

Revision Contents
Changeset List

PathSize
usr.sbin/
freebsd-update/
8 lines

Diff 105634

View Options

usr.sbin/freebsd-update/freebsd-update.sh

Loading...