On a 15.1 box, I have ssh which is working except for this pid part.
I have uncommented the line PidFile /run/sshd.pid in /etc/ssh/sshd_config.
I then restarted SSH and also rebooted the box, however no pidfile is created in /run.
I can see cron.pid, http.pid etc. in this /run directory - so it's working for other applications but not ssh?
I think this is because “sshd” is started with the “-D” option, and that probably disables creating a pid file. But the man pages are not completely clear on this. It is started with “-D” because that’s how “systemd” wants to monitor the service.
Yes … I have something similar…
It's just that Monit requires the program’s pid or the program’s regex to monitor.
I can't get more info on the regex.
So getting the pid is my best bet…
Any impact of me editing the sshd.service file and removing the -D? Any other changes need to be made?
systemctl status sshd
● sshd.service - OpenSSH Daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2019-12-20 00:49:53 +08; 7h ago
Main PID: 1276 (sshd)
Tasks: 1
CGroup: /system.slice/sshd.service
└─1276 /usr/sbin/sshd -D
Dec 20 00:49:52 cloud06 systemd[1]: Starting OpenSSH Daemon...
Dec 20 00:49:52 cloud06 sshd-gen-keys-start[1186]: Checking for missing server keys in /etc/ssh
Dec 20 00:49:53 cloud06 sshd[1276]: Server listening on 0.0.0.0 port 2206.
Dec 20 00:49:53 cloud06 sshd[1276]: Server listening on :: port 2206.
Dec 20 00:49:53 cloud06 systemd[1]: Started OpenSSH Daemon.
Hi
Likely an upstream issue and not keeping up with systemd? Might pay to ask the developers of the application.
Copy the service to /etc/systemd/system and edit that; it will not change after an update. The /etc/systemd location is for user modification or own systemd service files.
From a quick glance at the Monit site, it looks as if it has several different ways to identify a service/process. Maybe there’s already an answer in the documentation somewhere.
Editing sshd.service and removing " -D " allows the PID file to be created as per settings in /etc/ssh/sshd_config. But this seems to cause some issues in monitoring ssh sessions. So aborted this approach.
Use this snippet placed in /etc/monit.d/
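# Match on the command line; the running binary is /usr/sbin/sshd (see the status output above)
check process sshd_monit matching "/usr/sbin/sshd"
  start program "/usr/bin/systemctl start sshd"
  stop program "/usr/bin/systemctl stop sshd"
  # Probe the SSH banner on the non-default listen port
  if failed port 2206 protocol ssh then restart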
Result - If sshd dies, it gets restarted via monit.
That is exactly what systemd is supposed to do - restart failed service. Why do you need yet another third-party application that duplicates main systemd functionality?
Also, doing systemctl stop/start effectively resets failure indication on service (and prevents more advanced systemd features like rate limiting from being useful).
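The systemd-only approach raised in the last reply, written as a drop-in so the packaged unit keeps its "-D" start. This is an added example, not part of the original thread; the file name restart.conf and all values are illustrative assumptions, and the packaged sshd.service may already set some of them.

```ini
# /etc/systemd/system/sshd.service.d/restart.conf
# Constructed drop-in (file name and values are illustrative assumptions).
# A drop-in overrides only the settings listed here; the packaged unit in
# /usr/lib/systemd/system/sshd.service is left untouched and survives updates.

[Unit]
# Rate limiting: allow at most 5 start attempts within 60 seconds. After
# that the unit stays in the "failed" state instead of restarting forever.
StartLimitIntervalSec=60
StartLimitBurst=5

[Service]
# Restart sshd when it exits with a non-zero status, is killed by a signal
# such as SIGKILL or SIGSEGV, or times out. A clean "systemctl stop sshd"
# does not trigger a restart.
Restart=on-failure
# Wait 5 seconds between the exit and the restart attempt.
RestartSec=5
```

After creating the file, systemctl daemon-reload makes systemd pick it up. The PID that the missing pidfile would have held is available from systemctl show -p MainPID sshd.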