Description of problems: file: /usr/lib/systemd/system/sslh.service -ExecStart=/usr/sbin/sslh -F /etc/sslh.cfg ${DAEMON_OPTS} +ExecStart=/usr/sbin/sslh -F /etc/sslh.cfg $DAEMON_OPTS file: /etc/sysconfig/sslh non existent - should be there with defaults like: DAEMON_OPTS=--foreground --user sslh --listen 0.0.0.0:443 --ssl 127.0.0.1:8443 --ssh 127.0.0.1:22 file: /etc/sslh.cfg -# Change hostname with your external address name. -listen: -( - { host: "klaut-ng"; port: "443"; } -); - -protocols: -( - { name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; probe: "builtin"; }, - { name: "http"; host: "localhost"; port: "80"; probe: "builtin"; }, - { name: "ssl"; host: "localhost"; port: "442"; probe: "builtin"; }, -); These defaults do not work. Use /etc/sysconfig/sslh instead. Version-Release number of selected component (if applicable): sslh-1.17-1.el7.x86_64
I disagree with using /etc/sysconfig/sslh to configure it in entirety (the whole reason for libconfig is to use /etc/sslh.cfg and that configuration file allows for other probes than builtin). The sysconfig file is nonexistent but the systemd service file does reference it if it exists ... How about this as an option that, so far as I can see, will satisfy your need but not affect current behaviour from a straight install ... 1) Create /etc/sysconfig/sslh from install 2) Have the systemd unit reference it 3) Have the default DAEMON_OPTS be '-F /etc/sslh.cfg' so it's clear and easily overridable rather than hard code that into the systemd unit. As for the defaults not working ... I was running on the reasoning that someone would have to change these anyway to configure appropriately - just as they'd have to config mod_ssl to use localhost (or a different port) and so on ... Setting the listening port to 0.0.0.0:443 would conflict with a standard install of httpd/mod_ssl ... and it's better to have mod_ssl listen on localhost:443 (selinux reasons etc) than to move that ... In fact the config file explicitly states "Change hostname with your external address name" to make this clear.
If you can let me know what you think of my alternative I can edit the package and push updates.
your approach... 1) Create /etc/sysconfig/sslh from install 2) Have the systemd unit reference it 3) Have the default DAEMON_OPTS be '-F /etc/sslh.cfg' so it's clear and easily overridable rather than hard code that into the systemd unit. ... is a reasonable compromise. Please push this update.
sslh-1.17-2.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/sslh-1.17-2.el7
Package sslh-1.17-2.el7: * should fix your issue, * was pushed to the Fedora EPEL 7 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing sslh-1.17-2.el7' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2015-7382/sslh-1.17-2.el7 then log in and leave karma (feedback).
sslh-1.17-2.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.