Details
-
Bug
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
2.0.0
-
None
-
None
Description
On provisioning CentOS 7.3, use of org.jclouds.scriptbuilder.statements.ssh.SshdConfig to call service sshd reload can (often) leave systemd in a bad state. It causes systemd to think that the process is "inactive (dead)".
This code is called by org.jclouds.scriptbuilder.statements.login.AdminAccess when lockSsh is true (which is the default).
For a lot more detail, see:
- https://issues.apache.org/jira/browse/BROOKLYN-434, which describes the behaviour we see.
- RHEL bug report at https://bugzilla.redhat.com/show_bug.cgi?id=1381997 (which gives the best description of the underlying problem in https://bugzilla.redhat.com/show_bug.cgi?id=1381997#c4).
- CentOS bug report at https://bugs.centos.org/view.php?id=12757
- The change introduced the problematic behavior at https://bugzilla.redhat.com/show_bug.cgi?id=1291172
A workaround in jclouds would be:
- Statement reloadSshdConfig = exec("hash service 2>&- && service ssh reload 2>&- || service sshd reload 2>&- || /etc/init.d/ssh* reload");
+ Statement reloadSshdConfig = exec("( hash service 2>&- && ( service ssh reload || ( service sshd stop; service sshd start ) ) ) || /etc/init.d/ssh* reload");
—
However, I'd hope that the CentOS/RHEL etc community will fix this in sshd and/or systemd. Once that is available, then hopefully service sshd reload will work (and is the right, clean thing to do).
But even if that happens, there will likely still be a bunch of images in various clouds that have this bug.
We could conclude that we live with the bug (perhaps mentioning it as a known issue in the release notes, or just via this bug report), and rely on it being fixed in a future CentOS version.
Attachments
Issue Links
- is related to
-
-
- Open
-