Discussion:
Multiple services using the same core service?
Add Reply
林自均
2017-12-26 01:39:59 UTC
Reply
Permalink
Raw Message
Hi folks,

I am trying to achieve:

# systemctl start sshd-shell.service (1)
# systemctl start sshd-sftp.service (2)
# systemctl stop sshd-shell.service (3)
# systemctl stop sshd-sftp.service (4)

Before the command (1), sshd is not running. By typing (1),
/etc/sshd_config is configured to accept ssh shell connections but no sftp
connections, and then start sshd. By typing (2), /etc/sshd_config is
configured to accept sftp connections too, and sshd is reloaded. By typing
(3), /etc/sshd_config is configured to refuse ssh shell connection, and
sshd is reloaded again. By typing (4), sshd will be stopped.

Basically, I wrote the following 3 service units:

- sshd-core.service: the original sshd
- sshd-shell.service: ssh shell
- sshd-sftp.service: sftp server

The units looks like:

# sshd-core.service
[Unit]
Description=OpenSSH Daemon
After=network.target
StopWhenUnneeded=yes
RefuseManualStart=yes

[Service]
ExecStart=/usr/bin/sshd -D
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=always

# sshd-shell.service
[Unit]
Requires=sshd-core.service
After=sshd-core.service
PropagatesReloadTo=sshd-core.service

[Service]
Type=oneshot
ExecStart=/usr/local/bin/config-sshd.sh enable-shell
ExecStop=/usr/local/bin/config-sshd.sh disable-shell
ExecReload=/bin/true
RemainAfterExit=yes
ExecStartPost=/bin/sleep 1
ExecStartPost=-/bin/systemctl reload --no-block sshd-core.service
ExecStopPost=-/bin/systemctl reload --no-block sshd-core.service

And sshd-sftp.service is similar to sshd-shell.service except the
ExecStart= and ExecStop= configures sftp.

The current problem is that I don't know if there is a better way to
achieve this. For example, I have to sleep 1 second before reloading
sshd-core.service in sshd-shell.service because otherwise sshd didn't setup
the signal handler for SIGHUP and will terminate itself. Or systemd doesn't
suggest such use case?

Thanks for any comments.

John

Loading...