sshd.nix: Alternative fix for #19589

AFAICT, this issue only occurs when sshd is socket-activated. It turns out that the preStart script's stdout and stderr are connected to the socket, not just the main command's. So explicitly connect stderr to the journal and redirect stdout to stderr.
2017-03-31 16:16:27 +02:00
parent 4e79b0b075
commit 80b40fdf03
1 changed files with 5 additions and 0 deletions
--- a/nixos/modules/services/networking/ssh/sshd.nix
+++ b/nixos/modules/services/networking/ssh/sshd.nix
@@ -253,6 +253,10 @@ in

            preStart =
              ''
+                # Make sure we don't write to stdout, since in case of
+                # socket activation, it goes to the remote side (#19589).
+                exec >&2
+
                mkdir -m 0755 -p /etc/ssh

                ${flip concatMapStrings cfg.hostKeys (k: ''
@@ -270,6 +274,7 @@ in
                KillMode = "process";
              } // (if cfg.startWhenNeeded then {
                StandardInput = "socket";
+                StandardError = "journal";
              } else {
                Restart = "always";
                Type = "simple";