Linux
為什麼每次啟動後我都缺少 /var/run/sshd ?
我在 Proxmox 5.2-11 下執行 Ubuntu 16.04 容器。應用最新一輪更新檔1後,我無法在控制台或通過 ssh 登錄。
我在管理程序上安裝了容器根 FS 並添加
pts/0到/etc/security/access.conf(我們執行pam_access)並允許根登錄到控制台。我們有root : lxc/tty0 lxc/tty1 lxc/tty2我access.conf認為足夠的東西,所以為什麼我pts/0現在需要它是令人費解的。我注意到 ssh 沒有執行,所以嘗試手動啟動它 (
/usr/sbin/sshd -DDD -f /etc/ssh/sshd_config) 並收到此錯誤:Missing privilege separation directory: /var/run/sshd我手動創建了目錄,啟動
ssh並最終能夠登錄,但重新啟動後,問題仍然存在。未創建目錄。只有有用journalctl的部分和唯一有趣的部分是關於“不允許操作”的內容,但沒有更多資訊。我對 16.04 不太熟悉,所以想知道如何找到有關該問題的更多資訊。我沒有
/var/log/syslog或/var/log/messages只有kern.log這樣一種迷失。systemd-sysv 229-4ubuntu21.9 libpam-systemd 229-4ubuntu21.9 libsystemd0 229-4ubuntu21.9 systemd 229-4ubuntu21.9 udev 229-4ubuntu21.9 libudev1 229-4ubuntu21.9 iproute2 4.3.0-1ubuntu3.16.04.4 libsasl2-modules-db 2.1.26.dfsg1-14ubuntu0.1 libsasl2-2 2.1.26.dfsg1-14ubuntu0.1 ldap-utils 2.4.42dfsg-2ubuntu3.4 libldap-2.4-2 2.4.42dfsg-2ubuntu3.4 libsasl2-modules 2.1.26.dfsg1-14ubuntu0.1 libgs9-common 9.25dfsg1-0ubuntu0.16.04.3 ghostscript 9.25dfsg1-0ubuntu0.16.04.3 libgs9 9.25dfsg1-0ubuntu0.16.04.3$$ 2 $$
Nov 27 10:13:48 host16 systemd[1]: Starting OpenBSD Secure Shell server... Nov 27 10:13:48 host16 sshd[474]: Missing privilege separation directory: /var/run/sshd Nov 27 10:13:48 host16 systemd[1]: ssh.service: Control process exited, code=exited status=255 Nov 27 10:13:48 host16 systemd[1]: Failed to start OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Unit entered failed state. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Failed with result 'exit-code'. Nov 27 10:13:48 host16 mysqld_safe[495]: Starting mysqld daemon with databases from /var/lib/mysql/mysql Nov 27 10:13:48 host16 mysqld[500]: 181127 10:13:48 [Note] /usr/sbin/mysqld (mysqld 10.0.36-MariaDB-0ubuntu0.16.04.1) starting as process 499 ... Nov 27 10:13:48 host16 systemd[1]: ssh.service: Service hold-off time over, scheduling restart. Nov 27 10:13:48 host16 systemd[1]: Stopped OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: Failed to reset devices.list on /system.slice/ssh.service: Operation not permitted Nov 27 10:13:48 host16 systemd[1]: Starting OpenBSD Secure Shell server... Nov 27 10:13:48 host16 sshd[502]: Missing privilege separation directory: /var/run/sshd Nov 27 10:13:48 host16 systemd[1]: ssh.service: Control process exited, code=exited status=255 Nov 27 10:13:48 host16 systemd[1]: Failed to start OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Unit entered failed state. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Failed with result 'exit-code'. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Service hold-off time over, scheduling restart. Nov 27 10:13:48 host16 systemd[1]: Stopped OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: Failed to reset devices.list on /system.slice/ssh.service: Operation not permitted Nov 27 10:13:48 host16 systemd[1]: Starting OpenBSD Secure Shell server... Nov 27 10:13:48 host16 sshd[503]: Missing privilege separation directory: /var/run/sshd Nov 27 10:13:48 host16 systemd[1]: ssh.service: Control process exited, code=exited status=255 Nov 27 10:13:48 host16 systemd[1]: Failed to start OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Unit entered failed state. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Failed with result 'exit-code'. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Service hold-off time over, scheduling restart. Nov 27 10:13:48 host16 systemd[1]: Stopped OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: Failed to reset devices.list on /system.slice/ssh.service: Operation not permitted Nov 27 10:13:48 host16 systemd[1]: Starting OpenBSD Secure Shell server... Nov 27 10:13:48 host16 sshd[504]: Missing privilege separation directory: /var/run/sshd Nov 27 10:13:48 host16 systemd[1]: ssh.service: Control process exited, code=exited status=255 Nov 27 10:13:48 host16 systemd[1]: Failed to start OpenBSD Secure Shell server. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Unit entered failed state. Nov 27 10:13:48 host16 systemd[1]: ssh.service: Failed with result 'exit-code'. Nov 27 10:13:49 host16 systemd[1]: ssh.service: Service hold-off time over, scheduling restart. Nov 27 10:13:49 host16 systemd[1]: Stopped OpenBSD Secure Shell server. Nov 27 10:13:49 host16 systemd[1]: ssh.service: Start request repeated too quickly. Nov 27 10:13:49 host16 systemd[1]: Failed to start OpenBSD Secure Shell server. Nov 27 10:13:49 host16 systemd[1]: ssh.service: Unit entered failed state. Nov 27 10:13:49 host16 systemd[1]: ssh.service: Failed with result 'start-limit-hit'. Nov 27 10:13:49 host16 systemd[1]: Started /etc/rc.local Compatibility. Nov 27 10:13:49 host16 systemd[1]: Failed to reset devices.list on /system.slice/plymouth-quit.service: Operation not permitted Nov 27 10:13:49 host16 systemd[1]: Starting Terminate Plymouth Boot Screen... Nov 27 10:13:49 host16 systemd[1]: Failed to reset devices.list on /system.slice/plymouth-quit-wait.service: Operation not permitted Nov 27 10:13:49 host16 systemd[1]: Starting Hold until boot process finishes up... Nov 27 10:13:49 host16 systemd[1]: Failed to reset devices.list on /system.slice/rc-local.service: Operation not permitted Nov 27 10:13:49 host16 systemd[1]: Started Hold until boot process finishes up. Nov 27 10:13:49 host16 systemd[1]: Started Container Getty on /dev/pts/1. Nov 27 10:13:49 host16 systemd[1]: Started Container Getty on /dev/pts/0. Nov 27 10:13:49 host16 systemd[1]: Failed to reset devices.list on /system.slice/console-getty.service: Operation not permitted Nov 27 10:13:49 host16 systemd[1]: Started Console Getty. Nov 27 10:13:49 host16 systemd[1]: Reached target Login Prompts. Nov 27 10:13:49 host16 systemd[1]: Started Terminate Plymouth Boot Screen. Nov 27 10:13:52 host16 nslcd[338]: accepting connections Nov 27 10:13:52 host16 nslcd[275]: ...done. Nov 27 10:13:52 host16 systemd[1]: Started LSB: LDAP connection daemon. Nov 27 10:13:52 host16 systemd[1]: Failed to reset devices.list on /system.slice/cron.service: Operation not permitted Nov 27 10:13:52 host16 systemd[1]: Started Regular background program processing daemon. Nov 27 10:13:52 host16 systemd[1]: Failed to reset devices.list on /system.slice/atd.service: Operation not permitted添加的
systemd-tmpfiles --create輸出真的很奇怪……我檢查了
/tmp這些文件不存在
所以 /run (和 /var/run 符號連結到它)每次重新啟動都會重新創建。除了 systemd-tmpfiles 對包括 (/var)/run/sshd 在內的某些文件沒有這樣做。
顯然,這是通過 OpenVZ 核心升級修復的。但是現在要實際修復它,您需要編輯
/usr/lib/tmpfiles.d/sshd.conf並/var從行中刪除d /var/run/sshd 0755 root root以改為閱讀:d /run/sshd 0755 root root就是這樣..!
當 openssh-server 升級時,我們希望他們能修復這個 bug(或者它真的是 systemd 中的一個 bug?還是 openvz ??)——否則你可能會遇到同樣的問題。