From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6802611076497145856 X-Received: by 2002:a05:6000:1107:: with SMTP id z7mr3358562wrw.340.1583915688563; Wed, 11 Mar 2020 01:34:48 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a1c:208f:: with SMTP id g137ls759952wmg.1.gmail; Wed, 11 Mar 2020 01:34:48 -0700 (PDT) X-Google-Smtp-Source: ADFU+vsxa5lx5DERAztIs7yZrGnFO8ZPGv1h6TE6/kq88K0xFQAc82/EkqyJsphzkyqmoxkOxx5D X-Received: by 2002:a7b:ca55:: with SMTP id m21mr2586258wml.162.1583915687921; Wed, 11 Mar 2020 01:34:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583915687; cv=none; d=google.com; s=arc-20160816; b=Sc3L8ZrPSpcSffC0tKiS1jYCgiZjSBRtV9yF4AlT9c2hVY36eTbf542pwRELUPZA+h rjLPmpfxTrlu17LwV0I1C2s6bk3oPh0s/sSHfKxAhSP7a11Mk5m6H8NxiZHZHHvomnBZ PfbjgVsAms+w54N0gUYdFrMKvuOmejSVvSX7LumGsZyBrVHhOqurC31FyPGQXC8rt0CS dA7gxTud7J10KayoTut1w7WCGVzP5WOw8gNu0qN5gey0Pb++pM4I3FcnxhBrIaWh/5zF Qa57unT6VUy2JfIWrR37bGAGJd0ehaFYw12BzEsNYhYySOduRbINtucSPkmy4hlNC7GQ 9Jmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date; bh=Su7hFsqCuWRxu0/2JUoSpUYgDoCY9DoOTj7cGxC9pSM=; b=0Lcr/I7UEdFNWARZt87J3Lao3CKLqC6sJfBmbd4P7r72ylmLMQncPdbQIFwCD3Mqp2 ku3PR64WuuzPZyrtlBC7s/ZhTeAOhHfrN5mhraR0UtM88vP5exd4SCrhioIxtKbhEE7f WxG8i3R9jxZuvJFmNK8twHpE6Dsppzq93pAhofLmuNfRZGR5GA51w6Jd49Rn5WPvoScz IVOS0FjWbU9j87tbt13Dw6jljZ+QO/0SFADzfk2RKOpMa9PwYag/KpfRgjMZL+267TPz SxfbMcTr32kx2/Rx4dGPwr0aa86Fsoe0BGHh4QexM5BIoZMoq0Jb7+16P9l6FQT6oyb/ vEqA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2]) by gmr-mx.google.com with ESMTPS id h15si302043wml.4.2020.03.11.01.34.47 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 Mar 2020 01:34:47 -0700 (PDT) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail1.sbs.de (mail1.sbs.de [192.129.41.35]) by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id 02B8YlZh015933 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 11 Mar 2020 09:34:47 +0100 Received: from md1za8fc.ad001.siemens.net ([167.87.252.198]) by mail1.sbs.de (8.15.2/8.15.2) with ESMTP id 02B8YkJf003036; Wed, 11 Mar 2020 09:34:47 +0100 Date: Wed, 11 Mar 2020 09:34:43 +0100 From: Henning Schild To: Cedric Hombourger , "Kiszka, Jan" Cc: Subject: Re: [PATCH 1/3] sshd-regen-keys: correct dependency on ssh daemon service Message-ID: <20200311093443.541c8c61@md1za8fc.ad001.siemens.net> In-Reply-To: <1583856274-254-2-git-send-email-Cedric_Hombourger@mentor.com> References: <1583856274-254-1-git-send-email-Cedric_Hombourger@mentor.com> <1583856274-254-2-git-send-email-Cedric_Hombourger@mentor.com> X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-TUID: SeMC1q3uHnaN One fun fact on the version bump here. All our "on first boot" recipes use a trick where the postinst enables them, and their run disables them again. That pattern is broken in the face of package updates, where the service will be enabled again and we do a second round. Meaning all packages using that pattern need code that can be run multiple times. In fact the pattern should probably be improved, where the "enable" in postinst becomes conditional if the packages was installed before and the service is already disabled. Taking Jan in as well, since he established that pattern. Henning On Tue, 10 Mar 2020 17:04:32 +0100 Cedric Hombourger wrote: > The name of the SSH daemon service is ssh.service, not sshd.service > This fixes some (sporadic) failures to generate host-specific ssh > keys on first boot. > > Signed-off-by: Cedric Hombourger > --- > .../sshd-regen-keys/files/sshd-regen-keys.service | 2 > +- .../{sshd-regen-keys_0.2.bb => sshd-regen-keys_0.3.bb} | 0 > 2 files changed, 1 insertion(+), 1 deletion(-) > rename meta/recipes-support/sshd-regen-keys/{sshd-regen-keys_0.2.bb > => sshd-regen-keys_0.3.bb} (100%) > > diff --git > a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > index a05e1a9..f50d34c 100644 --- > a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > +++ > b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > @@ -3,7 +3,7 @@ Description=Regenerate sshd host keys > DefaultDependencies=no Conflicts=shutdown.target > After=systemd-remount-fs.service -Before=shutdown.target sshd.service > +Before=shutdown.target ssh.service ConditionPathIsReadWrite=/etc > > [Service] > diff --git > a/meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.2.bb > b/meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.3.bb > similarity index 100% rename from > meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.2.bb rename to > meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.3.bb