git: 6cd1bc531609 - main - freebsd-update: restart sshd after upgrade

Mon, 02 May 2022 11:39:26 -0700 

The branch main has been updated by emaste:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=6cd1bc53160973fc421c59f66aaa7e4b37a8cebe

commit 6cd1bc53160973fc421c59f66aaa7e4b37a8cebe
Author:     Ed Maste <ema...@freebsd.org>
AuthorDate: 2022-05-02 17:16:19 +0000
Commit:     Ed Maste <ema...@freebsd.org>
CommitDate: 2022-05-02 18:38:19 +0000

    freebsd-update: restart sshd after upgrade
    
    Sometimes the parent-child sshd protocol changes during an upgrade, and
    when this happens sshd will not accept new connections until it is
    restarted.
    
    PR:             263489
    Reviewed by:    kevans, gjb
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D35109
---
 usr.sbin/freebsd-update/freebsd-update.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/usr.sbin/freebsd-update/freebsd-update.sh 
b/usr.sbin/freebsd-update/freebsd-update.sh
index 9743cd652d16..078043326115 100644
--- a/usr.sbin/freebsd-update/freebsd-update.sh
+++ b/usr.sbin/freebsd-update/freebsd-update.sh
@@ -3023,6 +3023,14 @@ Kernel updates have been installed.  Please reboot and 
run
                install_from_index INDEX-NEW || return 1
                install_delete INDEX-OLD INDEX-NEW || return 1
 
+               # Restart sshd if running (PR263489).  Note that this does not
+               # affect child sshd processes handling existing sessions.
+               if service sshd status >/dev/null 2>/dev/null; then
+                       echo
+                       echo "Restarting sshd after upgrade"
+                       service sshd restart
+               fi
+
                # Rehash certs if we actually have certctl installed.
                if which certctl>/dev/null; then
                        env DESTDIR=${BASEDIR} certctl rehash

Reply via email to