systemd 在 networkd 之前启动 sshd,导致没有 ssh 服务

systemd 在 networkd 之前启动 sshd,导致没有 ssh 服务

在我的 Ubuntu 23.04 系统上,systemd 将在 systemd-networkd 启动网络桥之前尝试启动 sshd

首先报告:无法分配请求的地址

进而:br0: netdev 就绪

systemd[1]: Listening on dbus.socket - D-Bus System Message Bus Socket.
systemd[730]: ssh.socket: Failed to create listening socket (10.1.0.1:22): s
systemd[1]: ssh.socket: Failed to receive listening socket (10.1.0.1:22): Input/output error
systemd[1]: ssh.socket: Failed to listen on sockets: Input/output error
systemd[1]: ssh.socket: Failed with result 'resources'.
systemd[1]: Failed to listen on ssh.socket - OpenBSD Secure Shell server socket.
systemd[1]: Dependency failed for ssh.service - OpenBSD Secure Shell server.
systemd[1]: ssh.service: Job ssh.service/start failed with result 'dependency'.
systemd[1]: Listening on uuidd.socket - UUID daemon activation socket.
systemd[1]: Reached target sockets.target - Socket Units.
systemd[1]: systemd-pcrphase-sysinit.service - TPM2 PCR Barrier (Initialization) was skipped because of an unmet condition check (Condition>
systemd[1]: Reached target basic.target - Basic System.
systemd[1]: Started acpid.service - ACPI event daemon.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=acpid comm="systemd" exe="/usr/lib/systemd/sys>
systemd[1]: alsa-state.service - Manage Sound Card State (restore and store) was skipped because of an unmet condition check (ConditionPath>
systemd[1]: Starting alsa-restore.service - Save/Restore Sound Card State...
systemd[1]: Started anacron.service - Run anacron jobs.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=anacron comm="systemd" exe="/usr/lib/systemd/s>
systemd[1]: Starting atopacct.service - Atop process accounting daemon...
anacron[733]: Anacron 2.3 started on 2023-04-21
systemd[1]: Starting avahi-daemon.service - Avahi mDNS/DNS-SD Stack...
anacron[733]: Normal exit (0 jobs run)
systemd[1]: Starting dbus.service - D-Bus System Message Bus...
kernel: bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.
systemd[1]: Started dmesg.service - Save initial kernel messages after boot.
audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=dmesg comm="systemd" exe="/usr/lib/systemd/sys>
avahi-daemon[735]: Found user 'avahi' (UID 115) and group 'avahi' (GID 121).
systemd-networkd[619]: br0: netdev ready

为什么 systemd 不等桥接器启动后才执行 sshd 服务?

我的网络设备:

$ networkctl 
IDX LINK     TYPE     OPERATIONAL SETUP     
  1 lo       loopback carrier     unmanaged
  2 enp101s0 ether    enslaved    configured
  3 eno1     ether    enslaved    configured
  4 eno2     ether    routable    configured
  5 br0      bridge   routable    configured

我的网络使用以下网络规划进行配置:

# Bridge config
network:
  version: 2
  renderer: networkd
  ethernets:
    # WAN port to cable modem.
    eno2:
      dhcp4: yes
      dhcp6: no
    # Currently not used.
    enx00242788156c:
      dhcp4: no
      dhcp6: no
    # LAN port to WAP
    eno1:
      dhcp4: no
      dhcp6: no
    # LAN port to switch.
    enp101s0:
      dhcp4: no
      dhcp6: no
  bridges:
    br0:
      interfaces:
        #- enx00242788156c
        - eno1
        - enp101s0
      addresses:
        - 10.1.0.1/16

注意:重新启动 sshd 服务将按预期工作,因为此时桥接器可用。

答案1

为什么 systemd 不等桥接器启动后才执行 sshd 服务?

您没有要求它这样做;2)所有服务默认都在 sockets.target 之后启动,因此如果您这样做了,那么延迟它们将导致排序周期;3)它基本上会破坏使用 .socket 单元的意义,而不仅仅是让 sshd 本身监听。

使用该[Socket] FreeBind=yes选项可以绑定到尚未分配的地址,而无需施加延迟。

相关内容