[OmniOS-discuss] A small gotcha with switching the ssh & openssh packages in OmniOS

Dan McDonald danmcd at omniti.com
Mon Nov 16 22:15:10 UTC 2015 

TL;DR --> I can change these in omnios-build for ISC DHCP and OpenSSH, but will it cause trouble?!?  That'll require some testing & possibly feedback from you all.

> On Nov 16, 2015, at 3:17 PM, Chris Siebenmann <cks at cs.toronto.edu> wrote:

> Sun SSH uses
> fs-local/*, and OpenSSH uses localfs/*. This means that if you have
> customized eg fs-local/entities for Sun SSH (as we have, so that SSH
> starts very early), you will probably get odd results if you swap over
> to OpenSSH.
> 
> It would be nice if this difference didn't exist and the OpenSSH
> package also used fs-local for this SMF dependency. However it may
> be too late to change it now.

I see what you mean.  Here's SunSSH:

-bash-4.3$ svccfg -s network/ssh listprop | grep local
fs-local                                        dependency
fs-local/entities                               fmri     svc:/system/filesystem/local
fs-local/grouping                               astring  require_all
fs-local/restart_on                             astring  none
fs-local/type                                   astring  service
config_data/entities                            fmri     file://localhost/etc/ssh/sshd_config
-bash-4.3$ 


And here's OpenSSH:

danmcd-os(~)[0]% svccfg -s network/ssh listprop | grep local
localfs                                         dependency
localfs/entities                                fmri     svc:/system/filesystem/local:default
localfs/grouping                                astring  require_all
localfs/restart_on                              astring  none
localfs/type                                    astring  service
config-file/entities                            fmri     file://localhost/etc/ssh/sshd_config
danmcd-os(~)[0]% 



And their sources:

bloody(cmd/ssh)[0]% pwd
/data/danmcd/ws/illumos-omnios/usr/src/cmd/ssh
bloody(cmd/ssh)[0]% grep local etc/ssh.xml
        <dependency name='fs-local'
                        value='svc:/system/filesystem/local' />
                    value='file://localhost/etc/ssh/sshd_config' />
bloody(cmd/ssh)[0]% 


bloody(build/openssh)[0]% grep local * | grep -v build.log
ssh.xml:                <dependency name='localfs'  grouping='require_all'
ssh.xml:                        <service_fmri value='svc:/system/filesystem/local:default' />
ssh.xml:                value='file://localhost/etc/ssh/sshd_config' />
bloody(build/openssh)[0]% 


This seems like such a happy-vs-glad mismatch... and it turns out everything that uses this in illumos-* uses fs-local, and omnios-build splits it 2 vs. 2 (the 2nd instance of localfs in ISC DHCP is all on me... sorry!).


Off the top of my head, I can't *IMAGINE* such a change from localfs to fs-local causing headaches in OpenSSH or ISC DHCP, but it'll require some testing.  Also, will such a change into a backport situation (014 & 016) cause more havoc than a major upgrade?

Food for (mostly my) thought, but I appreciate additional feedback.

Dan

More information about the OmniOS-discuss mailing list