From patchwork Sun Aug 24 06:25:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Peer Dietzmann X-Patchwork-Id: 8988 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4c8kST3Wr9z3wbG for ; Sun, 24 Aug 2025 06:25:29 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [IPv6:2001:678:b28::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4c8kSS25kQz5TY for ; Sun, 24 Aug 2025 06:25:28 +0000 (UTC) Authentication-Results: mail01.ipfire.org; dkim=pass header.d=brecht-schule.hamburg header.s=202101ed25519 header.b=GysbqEy6; dkim=pass header.d=brecht-schule.hamburg header.s=202101rsa header.b=UdBva8PB; dmarc=pass (policy=reject) header.from=brecht-schule.hamburg; arc=pass ("lists.ipfire.org:s=202003rsa:i=1"); spf=softfail (mail01.ipfire.org: 2001:678:b28::201 is neither permitted nor denied by domain of "development+bounces-835-patchwork=ipfire.org@lists.ipfire.org") smtp.mailfrom="development+bounces-835-patchwork=ipfire.org@lists.ipfire.org" ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1756016728; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=f8UFPsINmKQsl6R1dYpat0M1p2sHnCGqhsyhFkS92AQ=; b=Zz+Twzu7vTrswJ2qG1PVIBl1B0nfO23mFZBqCrnjdH+eOe3GegAWGSfL+a3jkRxQzIOLJL C/WDfEe7XZIFIRtz9mQKJcc05dUqV7Y6uUb3NvAS3aGHP5QwRpBv+FymkXA3oK41bBBk1w n2U/8Asw3n4Cgay3G6ahFzxM2Uhwk5X4twnGuJuNewUsOO9R72c05Jz9TG0Wcalcg1ep3p S4hZJd1L0wqD8Gw4K0yI4p6iXvs75qd5LFmXJnLrssk7jw9cLvDH2V9Z/w+M53kNRiOkrH s4SOL0Zra3f8a6oeRz70/0ldK92RBsMPQ8UpLbxlKOmDWuMwEx5KVSRRflj5Iw== ARC-Authentication-Results: i=2; mail01.ipfire.org; dkim=pass header.d=brecht-schule.hamburg header.s=202101ed25519 header.b=GysbqEy6; dkim=pass header.d=brecht-schule.hamburg header.s=202101rsa header.b=UdBva8PB; dmarc=pass (policy=reject) header.from=brecht-schule.hamburg; arc=pass ("lists.ipfire.org:s=202003rsa:i=1"); spf=softfail (mail01.ipfire.org: 2001:678:b28::201 is neither permitted nor denied by domain of "development+bounces-835-patchwork=ipfire.org@lists.ipfire.org") smtp.mailfrom="development+bounces-835-patchwork=ipfire.org@lists.ipfire.org" ARC-Seal: i=2; s=202003rsa; d=ipfire.org; t=1756016728; a=rsa-sha256; cv=pass; b=CpgikstEbrwCFJkpybt5eAZfR/JgfvIf1y0vCJnD2xxUP4YNrWlG93dnkXE7PoXx7KOwn6 PY3V1sv2mHelAboGjyyJqv9FBavMEHEuqEbkJaiMX1FIPHFlw5JwcU8ocwmdxS4T9nFCt0 Y+1ySEdGA5FG6YKtDQfiZSn+mTJGdwu4uvD3bTJr6bDZM5T1aE1+rzUTOoVn+i/icFdrsm VmMPkxc6GkiRiGllmz3rONEwKhVrUXCMKgcvocjcyZ142QsxFa0l8QDTVESg5kNDKdlfvU WBUoe3Fhf9s0DxOuLDyduuRN2OEUHkrXTae/CNUrlRmjhgq64k5jdX8UJwgf7Q== Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4c8kSS1NY1z2yxC for ; Sun, 24 Aug 2025 06:25:28 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4c8kSP3DVvz2xLt for ; Sun, 24 Aug 2025 06:25:25 +0000 (UTC) Received: from regulus.brecht-schule.hamburg (regulus.brecht-schule.hamburg [84.46.83.131]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "regulus.brecht-schule.hamburg", Issuer "R11" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4c8kSN2649z130 for ; Sun, 24 Aug 2025 06:25:24 +0000 (UTC) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=lists.ipfire.org; s=202003rsa; t=1756016724; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding:dkim-signature; bh=f8UFPsINmKQsl6R1dYpat0M1p2sHnCGqhsyhFkS92AQ=; b=u/BKksBsvDzyUBJATahhcCFZY/SmiZtxjSmQk0QoC7EjqUvYD3BZexboZoPrI8Nu8e00We 8JL/oa3vqS48gyGBEoyeUCJZuhsTgS0w9A379tif829g4IdzAMCJc9KSEIG9xNQgX9aW15 KYGHN6bmbnS1fnPDThLUsG1lMcBxPX0nErVzBJ3GOByEcAlKdMLf5JAakLpdNTuYM/RynY IvPeZ2ENwQQ5cwI3rPhU9L0KC1SEeB77hGtkQzIuV3l4McPQ+gEaNr9H3uQ/RH9IYYOCJb ulQEIl0X0Xw1SH0Brh2pGmjQquYNmrsiZbUFN3dMUkQfX3FWmoCZ8Olb7Y6BwQ== ARC-Authentication-Results: i=1; mail01.ipfire.org; dkim=pass header.d=brecht-schule.hamburg header.s=202101ed25519 header.b=GysbqEy6; dkim=pass header.d=brecht-schule.hamburg header.s=202101rsa header.b=UdBva8PB; dmarc=pass (policy=reject) header.from=brecht-schule.hamburg; spf=pass (mail01.ipfire.org: domain of dietzmann@brecht-schule.hamburg designates 84.46.83.131 as permitted sender) smtp.mailfrom=dietzmann@brecht-schule.hamburg ARC-Seal: i=1; s=202003rsa; d=lists.ipfire.org; t=1756016724; a=rsa-sha256; cv=none; b=X55cnv7gd/F2zltwy7qnhlJG+8FVrUUnPWNKXuB3umnHoqbtHQMeAPKYK+nAP2D/qYqt9k u0ltwxbHddtLhLzMRGIzto1rYbY4jl1DDdWxiQZL0SQNo2i72CgaIsBCHvDD9k5bHEAw8h auyzfZZ1cEgBsyTeGMMpw2snvWM/5CKMPIMLmMg8dsNSklm4RxTUXhrZmiaMRqG2tezwHk 63s10yUP1iIjiG0Vb2CyuWg1JkgedbbAVSBloJzxkScK3uwgKFwZW4G4IMqYDCg+mGdq1k moS5rmG4iXdq7gEt3v4cGB0ekt1Wrt+CZlvvo3PlZ0I1qf6ch3FJbosHQPQcwg== Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by regulus.brecht-schule.hamburg (Postfix) with ESMTPSA id 4c8kSM1PZlzgYcM; Sun, 24 Aug 2025 08:25:23 +0200 (CEST) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=brecht-schule.hamburg; s=202101ed25519; t=1756016723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f8UFPsINmKQsl6R1dYpat0M1p2sHnCGqhsyhFkS92AQ=; b=GysbqEy6hAhIYPP76mbgovOfNJO3YuuA+hm2OQwzk1hkvVbX2LBh17H5Qwjnz4eqvVsLgN XuNR/o1Le8xg65Bg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brecht-schule.hamburg; s=202101rsa; t=1756016723; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=f8UFPsINmKQsl6R1dYpat0M1p2sHnCGqhsyhFkS92AQ=; b=UdBva8PBGRywubBXy9OZx79jLeFChhVTK8sB3fuBW32ayWY55/0P1ZCIa48zg6rI1np5js wnp7gQ1BPSesDByz7iuzioTjjxmQtdF/DW62ANw+jxXqKhHR+9EPF76KWtZf245KajAyvp kpJWoW3tTH35KyxoU6Ll0t4MOrhA/SPZQRhQv8SEOTmCERMK375nux2HoXL889oz3EieCs xygmMDdEIfU87QMxFe2v7OIpI7rsXnT2UaZZEwellu3GV/qMWmsiwp3lMS0Am00a7oplzN khiTtRpcdFNbprkKSiUace044Mbgj59Z+zVh6WLgycoAa1SWa45liZMs5pfcBw== Message-ID: <6d9b9a50-4479-422f-a370-540a59fa6959@brecht-schule.hamburg> Date: Sun, 24 Aug 2025 08:25:22 +0200 Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 Content-Language: en-US To: development@lists.ipfire.org Cc: Peer Dietzmann From: Peer Dietzmann Subject: sshd kill all sessions on deamon stop X-Rspamd-Server: mail01.haj.ipfire.org X-Rspamd-Queue-Id: 4c8kSS25kQz5TY X-Rspamd-Action: no action X-Spamd-Result: default: False [-13.28 / 11.00]; BAYES_HAM(-3.00)[99.99%]; FROM_INTERNAL_BULK_SENDERS(-2.00)[2001:678:b28::201]; DWL_DNSWL_MED(-2.00)[brecht-schule.hamburg:dkim]; R_DKIM_ALLOW(-1.64)[brecht-schule.hamburg:s=202101ed25519,brecht-schule.hamburg:s=202101rsa]; NEURAL_HAM(-1.00)[-1.000]; ARC_ALLOW(-1.00)[lists.ipfire.org:s=202003rsa:i=1]; DKIM_REPUTATION(-0.91)[-0.91065442339242]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; DMARC_POLICY_ALLOW_WITH_FAILURES(-0.50)[]; IP_REPUTATION_HAM(-0.23)[asn: 204867(-0.07), country: DE(0.00), ip: 2001:678:b28::(-0.17)]; RCVD_IN_DNSWL_MED(-0.20)[84.46.83.131:received]; MAILLIST(-0.18)[generic]; MIME_GOOD(-0.10)[text/plain]; MX_GOOD(-0.01)[]; HAS_LIST_UNSUB(-0.01)[]; RECEIVED_HELO_LOCALHOST(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MIME_TRACE(0.00)[0:+]; ARC_SIGNED(0.00)[ipfire.org:s=202003rsa:i=2]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; FUZZY_RATELIMITED(0.00)[rspamd.com]; DMARC_POLICY_ALLOW(0.00)[brecht-schule.hamburg,reject]; TAGGED_FROM(0.00)[bounces-835-patchwork=ipfire.org]; R_SPF_SOFTFAIL(0.00)[~all:c]; MID_RHS_MATCH_FROM(0.00)[]; FROM_NEQ_ENVFROM(0.00)[dietzmann@brecht-schule.hamburg,development@lists.ipfire.org]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:204867, ipnet:2001:678:b28::/48, country:DE]; DKIM_TRACE(0.00)[brecht-schule.hamburg:+]; FORGED_RECIPIENTS_MAILLIST(0.00)[]; FORGED_SENDER_MAILLIST(0.00)[] Hi All, I discovered, that while rebooting an IPFire instance via SSH my terminal keeps stuck after the broadcast message because IPFire isn't closing all active connection correctly. As it is annoying especially when using SSH in SSH connections because all connections have to be reopened manually, I thought of adding just one line to the init-script that closes all running sessions. Best regards, Peer diff --git a/src/initscripts/system/sshd b/src/initscripts/system/sshd index e5a9931af..e69904c61 100644 --- a/src/initscripts/system/sshd +++ b/src/initscripts/system/sshd @@ -50,6 +50,7 @@ case "$1" in      stop)          boot_mesg "Stopping SSH Server..."          killproc -p "/var/run/sshd.pid" /usr/sbin/sshd || true +        killall sshd-session          ;;      reload)