when the sshd hits the fan
Eugene M. Zheganin
emz at norma.perm.ru
Wed Sep 23 10:38:24 UTC 2015
On 23.09.2015 15:11, Miroslav Lachman wrote:
> Eugene M. Zheganin wrote on 09/23/2015 10:44:
>> I'm trying to understand why the sshd still starts after local daemons,
>> out-of-the-box, and what it takes to make this extremely vital service
>> to start before non-system (local) ones. I bet I'm not the first one to
>> ask, so why isn't this already done ? Seems quite easy for me.
> I was thinking about this a long time ago and instead of trying to
> change FreeBSD,
But .... why ?
> I just added one simple file on each of our servers:
> ~/> cat /usr/local/etc/rc.d/sshd_reorder
> # PROVIDE: sshd_reorder
> # REQUIRE: LOGIN sshd
> ## this file is just to start sshd earlier on the boot
> ## mainly before long starting processes like jails, mysql, apache etc.
> ## place this file in to /usr/local/etc/rc.d/sshd_reorder
> ## and make it executable chmod 0555 /usr/local/etc/rc.d/sshd_reorder
> It is not perfect, because some services are still started before sshd.
Yeah, as I said, workaround is quite simple. But I don't see a single
reason to avoid committing this (or similar) workaround to the official
source tree. This would rid lots of people to reapply this fix during
each upgrade cycle, thus making the life easier.
More information about the freebsd-stable