From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6802611076497145856 X-Received: by 2002:a1c:f003:: with SMTP id a3mr2634661wmb.41.1583916656277; Wed, 11 Mar 2020 01:50:56 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a1c:4b06:: with SMTP id y6ls776286wma.3.canary-gmail; Wed, 11 Mar 2020 01:50:55 -0700 (PDT) X-Google-Smtp-Source: ADFU+vtwbSZBv6bm1Xy7S/1JawjvIBehIHeB49NmCdydmsgehHx3eJzVAkaPSud0vUapWM4W1q6z X-Received: by 2002:a05:600c:247:: with SMTP id 7mr2687380wmj.181.1583916655718; Wed, 11 Mar 2020 01:50:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583916655; cv=none; d=google.com; s=arc-20160816; b=B2GydsX8/aIllKrth4VB2xAdsOfTVH99GmjCo6z4MipkKx+IwhD4je0usRb+2+s5sa N4wKiR75uRggOhf2mYFzwhEEeEQy6DahzCs3HKYhiNQLBg9bJJikJLigsyPK9BQgGu1H S2qbQSMrftDZXn0U3bF3v90SFCBcnDTCX9fmvtdaHV0Hpsu2bayvmMbH41XtGZsBcth/ wZ6o+tJxP6puz+PnaHFt2qmVNIJSUYMecaKkXflIvivRAeCQkL3RBVIfkC3OSljYRUct hJ6moVWztzuLV6QQglpgmHc52LGvij9mApXkUfxm+I5CnkLZUNPd9LoWTYJbUjKBFLg7 CKlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date; bh=7dJfBQLWt+CE+Fu0BFaSiae/CGeA6LjRl7vSLTsl6u0=; b=buNxlKou9sASZWSodd/ogvNghgiahR8oIm4Q6SikwDIFipjSo8QhRf7rtFM+V9r8IB uGsKjBJ77yi/Qwf+KtftUpqCLfqY5bvk2TIO3uOwr8cFWCkeU5TmI+HpPEk6p0D39NFz zkaJLKa9ifdz7BcG8AIvAXKKkKqgMnoZZy26GfuoAmSIc/CypgOpEQ+CADmRjKAn55AM e9nPmIjHnqNW1Iph/bxgwTvUo+5nGHTRjvmhKh8BQhU/YiFH4Subw3zgJGl0bLzMqMTe DCkyYvDuVpWrgRtLW+HytoFnw4Bskq8NEGtmmQkTXxcDismRYojsrZHM51Fccr1r9FrV xckg== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28]) by gmr-mx.google.com with ESMTPS id l17si80370wmg.0.2020.03.11.01.50.55 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 11 Mar 2020 01:50:55 -0700 (PDT) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.28 as permitted sender) client-ip=192.35.17.28; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id 02B8os82007824 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 11 Mar 2020 09:50:54 +0100 Received: from md1za8fc.ad001.siemens.net ([167.87.252.198]) by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id 02B8or53005070; Wed, 11 Mar 2020 09:50:54 +0100 Date: Wed, 11 Mar 2020 09:50:50 +0100 From: Henning Schild To: Cedric Hombourger , "Kiszka, Jan" Cc: Subject: Re: [PATCH 1/3] sshd-regen-keys: correct dependency on ssh daemon service Message-ID: <20200311095050.4a3bdd64@md1za8fc.ad001.siemens.net> In-Reply-To: <20200311093443.541c8c61@md1za8fc.ad001.siemens.net> References: <1583856274-254-1-git-send-email-Cedric_Hombourger@mentor.com> <1583856274-254-2-git-send-email-Cedric_Hombourger@mentor.com> <20200311093443.541c8c61@md1za8fc.ad001.siemens.net> X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-TUID: TqyzOKLkFFDJ On Wed, 11 Mar 2020 09:34:43 +0100 "[ext] Henning Schild" wrote: > One fun fact on the version bump here. All our "on first boot" recipes > use a trick where the postinst enables them, and their run disables > them again. > > That pattern is broken in the face of package updates, where the > service will be enabled again and we do a second round. Meaning all > packages using that pattern need code that can be run multiple times. > > In fact the pattern should probably be improved, where the "enable" in > postinst becomes conditional if the packages was installed before and > the service is already disabled. > > Taking Jan in as well, since he established that pattern. Did some digging, i think the solution will/should involve deb-systemd-helper Henning > Henning > > On Tue, 10 Mar 2020 17:04:32 +0100 > Cedric Hombourger wrote: > > > The name of the SSH daemon service is ssh.service, not sshd.service > > This fixes some (sporadic) failures to generate host-specific ssh > > keys on first boot. > > > > Signed-off-by: Cedric Hombourger > > --- > > .../sshd-regen-keys/files/sshd-regen-keys.service | 2 > > +- .../{sshd-regen-keys_0.2.bb => sshd-regen-keys_0.3.bb} > > | 0 2 files changed, 1 insertion(+), 1 deletion(-) > > rename > > meta/recipes-support/sshd-regen-keys/{sshd-regen-keys_0.2.bb => > > sshd-regen-keys_0.3.bb} (100%) > > > > diff --git > > a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > > b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > > index a05e1a9..f50d34c 100644 --- > > a/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > > +++ > > b/meta/recipes-support/sshd-regen-keys/files/sshd-regen-keys.service > > @@ -3,7 +3,7 @@ Description=Regenerate sshd host keys > > DefaultDependencies=no Conflicts=shutdown.target > > After=systemd-remount-fs.service -Before=shutdown.target > > sshd.service +Before=shutdown.target ssh.service > > ConditionPathIsReadWrite=/etc > > [Service] > > diff --git > > a/meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.2.bb > > b/meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.3.bb > > similarity index 100% rename from > > meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.2.bb rename > > to meta/recipes-support/sshd-regen-keys/sshd-regen-keys_0.3.bb >