I am trying, without success, to create an upstart config file to automatically start and restart an ssh proxy. The command sting that I use in the script has been checked and verified from the shell but it fails in the upstart file.
The file contents are:
. . . # proxy is used to authenticate smtp submissions # so start it before the postfix service starts start on starting postfix
# Take down proxy after postfix stops stop on stopped postfix
# tell upstart that this script creates a daemon # and have upstart manage PID creation # but it is generally a bad idea to use this with a # script / end script block, use exec() instead # no fork in ssh #expect fork
# restart automatically if connection fails respawn
# for script debugging with strace # but not available in 0.6.3 of course #debug # use strace -p <pid> -o /tmp/upstart_debug.log -Ff -s 1024 -v
# Setup script configuration variables:
# localhost means we do not expose proxy to internet env LOCAL_HOST=localhost
# port 143 is default IMAP service port for plain text connections env LOCAL_PORT=143
# ports less than 1024 require root privileges to establish # this must be a passwordless login using PKI certificates # requires one time setup of local root user ssh key and cert # and adding this host's root user cert to authorized_keys of # login host's root user. env LOGIN_USER=root
# login PKI credentials for LOGIN_USER env LOGIN_IDENT=/root/.ssh/id_rsa
# login host, may be different than remote host for port forwarding # must resolve to an address that sshd login server listens on env LOGIN_HOST=inet07.hamilton.harte-lyne.ca
# the remote host destination for port forwarding env REMOTE_HOST=inet07.hamilton.harte-lyne.ca
# port that remote service listens on env REMOTE_PORT=143
# Locate ssh binary env SSH_BINARY=/usr/bin/ssh
# SSH options used:
### -D : "dynamic" app-level port forwarding - not used. ###
# -f : run in background without a terminal implies -n
# -i : identity file for pki login credentials
# -l : login user name
# -L local_host:local_port:remote_host:remote_port # : Establishes proxy connection from local port # port on the remote host.
# -n : stdin from /dev/null, must be used when ssh is run in bg.
# -N : Do not run a command on the remote host. Otherwise an # error results because we are not initiating a session.
# -o ExitOnForwardFailure=yes : Wait until connection successfully # completes before daemonizing
# -o ServerAliveInterval=15 : Keep connection alive every 15 seconds
# -q : Run quietly, do not produce local output.
# -T : disable pseudo-tty allocation
# SSH options used env SSH_OPTIONS=" -o ExitOnForwardFailure=yes " env SSH_OPTIONS=${SSH_OPTIONS}" -o ServerAliveInterval=15 "
# SSH switches used: env SSH_SWITCHES=" -fNqT "
exec ${SSH_BINARY} ${SSH_OPTIONS} ${SSH_SWITCHES} -l ${LOGIN_USER} -i ${LOGIN_IDENT} -L ${LOCAL_HOST}:${LOCAL_PORT}:${REMOTE_HOST}:${REMOTE_PORT} ${LOGIN_HOST}
# EOF
The exec is all one line.
I have tried removing -f from the switches but this makes no difference. Whenever I start this job it immediately fails with the following in the syslog:
. . . May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process ended, respawning May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process (3393) terminated with status 255 May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process ended, respawning May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy main process (3397) terminated with status 255 May 30 16:47:06 inet08 init: LOCAL_ssh_imap_proxy respawning too fast, stopped
Is what I am doing wrong obvious to anyone?