Bug 1029

Summary:

SIGTERM and cleanup of wtmp files

Product:

Portable OpenSSH

Reporter:

senthilkumar <senthilkumar_sen>

Component:

sshd

Assignee:

OpenSSH Bugzilla mailing list <openssh-bugs>

Status:

CLOSED FIXED

Severity:

normal

CC:

t8m

Priority:

Version:

4.0p1

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

1047

Attachments:

Description	Flags
SIGTERM handler for user sshd process	none
cleanup with less code in signal handler	none
Patch for Protocol 2 support	none
Updated patch	none

Description senthilkumar 2005-05-04 02:19:34 AEST

SSH is not cleaning up the wtmp files when SIGTERM is passed to user session 
process with Privilegeseparation disabled.

Comment 1 senthilkumar 2005-05-04 02:23:26 AEST

Created attachment 895 [details]
SIGTERM handler for user sshd process

The attached patch handles the SIGTERM to cleanup the wtmp files with
privilegeseparation disabled.

Comment 2 Darren Tucker 2005-05-05 20:30:36 AEST

Created attachment 897 [details]
cleanup with less code in signal handler

It's generally a bad idea to do too much in signal handlers since it's prone to
races.	(Some of the existing handlers break this rule, but we shouldn't add
any more, and should fix the existing ones if possible.)

Does the attached patch solve the problem?

Comment 3 senthilkumar 2005-05-06 19:36:24 AEST

The attachment id 897 is not cleaning the wtmp entries when SIGTERM is issued to 
user session process (Priv sep=no). My understanding is that, for Priv sep no, 
shell pid is logged for utmp/wtmp in OpenSSH code but when SIGTERM is issued, 
while doing do_cleanup() it may try to cleanup the entry for user sshd process.

Comment 4 senthilkumar 2005-05-12 23:41:11 AEST

Created attachment 909 [details]
Patch for Protocol 2 support

The patch (id=897) works for Protocol 1 but my environment strictly adheres to
Protocol 2. I simply added the protocol 2 support and it is working fine. Let
me know if the patch has any problems. With this Patch, the problem gets solved
in HP-UX.

Also when parent process exits from the loop and while doing cleanup the
SIGCHLD handler is set to do its default for server_loop() but not in
server_loop2(). Is there any specific reason? Is such a thing necessary for
SIGTERM?

Comment 5 Damien Miller 2005-10-30 12:16:09 AEDT

Created attachment 1016 [details]
Updated patch

I think this is better: check for SIGTERM, SIGINT and SIGQUIT and only activate these signal handlers for the !use_privsep case.

Comment 6 Damien Miller 2005-10-30 12:16:59 AEDT

put this on the radar

Comment 7 Damien Miller 2005-10-31 22:47:25 AEDT

patch applied, will be in 4.3. thanks!

Comment 8 Darren Tucker 2006-10-07 11:40:04 AEST

Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.