[SOLVED] How to start/stop/restart sshd with Monit in GUI

Started by LouieLouie, May 19, 2019, 07:54:42 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 19, 2019, 07:54:42 PM Last Edit: May 20, 2019, 01:04:50 PM by LouieLouie
Running opnsense 19.1.8, I am trying to add sshd to Monit service monitoring. In the gui, the start and stop commands are required with the full path to the command. I've searched freebsd forums and tutorials, the /etc/rc.d commands don't work (can't even find rc.config), the 'service sshd start' commands aren't accepted.

May I ask for help, please? Thanks in advance!
May 20, 2019, 09:01:47 AM #1
Try:

Code Select
# /usr/local/sbin/configctl sshd restart

More about configctl:
https://docs.opnsense.org/development/backend/configd.html
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
May 20, 2019, 01:10:11 PM #2
hbc:  Thank you!

This
Code Select
# /usr/local/sbin/configctl sshd restart didn't work because the default configd script is named openssh instead of sshd.  But, by changing 'sshd' to 'openssh' , it worked.

I've never heard of configctl, that helped immensely.  Thanks for you time!
May 20, 2019, 09:08:27 PM #3
Hi,

I built something for you:

# pluginctl -s
configd
dhcpd
dhcpd6
dnsmasq
dpinger
dyndns
flowd_aggregate
ipfw
login
ntpd
openssh
pf
radvd
samplicate
strongswan
syslog
unbound
# pluginctl -s openssh stop
Connection to 10.0.0.1 closed by remote host.
Connection to 10.0.0.1 closed.

It hooks into the service control functionality (start, stop, restart) that you can see on the GUI. It's a patch that will likely be in 19.1.9.

https://github.com/opnsense/core/commit/255e9b76

You can try it on 19.1.8 using this command:

# opnsense-patch 255e9b76


Cheers,
Franco
May 21, 2019, 11:09:19 PM #4
Franco, got a 'hunks failed' message when I attempted the patch:

sudo opnsense-patch 255e9b76
Password:
Fetched 255e9b76 via https://github.com/opnsense/core
1 out of 1 hunks failed while patching sbin/pluginctl

OPNsense 19.1.8-amd64
FreeBSD 11.2-RELEASE-p10-HBSD
LibreSSL 2.8.3
May 22, 2019, 02:39:00 PM #5
Oh, doesn't patch cleanly because of require header stuff....maybe fetch the raw file instead:

# cd /usr/local/sbin
# fetch https://raw.githubusercontent.com/opnsense/core/master/src/sbin/pluginctl
# chmod 755 pluginctl


Cheers,
Franco
May 23, 2019, 02:21:42 PM #6
That worked.  I cat'd pluginctl, hoping that I understand correctly  ??? .  Testing today.  Thanks!
May 23, 2019, 06:51:07 PM #7
Franco,

May I ask if you could explain the use of 'pluginctl -c' or '-s' (configure mode vs service mode)?

Aside from that I tried it at the command line using -s and it worked.  Adding it to the monit config for unbound and openssh now.
May 23, 2019, 07:15:26 PM #8
Hi LouieLouie,

So configure mode (-c) is calling internal functions to reload the configuration and (all of its) services. Service mode (-s) simply starts stops or restarts a particular service without reconfiguring it.

-c without an argument gives you all possible reconfiguration "points" like bootup, local, remote, vpn where services can be clustered. These calls are all over the code to provide hooks to plugins.

-s without an argument gives you all configured services on the box for starting or stopping them manually (like you would in the GUI under System: Services).


Cheers,
Franco
July 19, 2019, 01:22:13 AM #9
I am trying to setup monit for unbound because it fails to start on boot

Code Select
root@router:~ # pluginctl -s
root@router:~ #

It doesn't return anything and pluginctl -s unbound start/stop/restart has no effect
Print
Go Up Pages1
User actions