Package: sslh
Version: 1.18-1

The sslh daemon itself does not close file descriptors 0, 1 and 2 when
forking into the background, and it uses fprintf(stderr, "...") for
reporting errors even when running in background mode.

When the sslh init.d script is used to start the sslh daemon, the daemon
stays connected to the terminal from which it was started and prints its
stderr logs there.

It is even worse when using the sysv init daemon and having sslh
started automatically at boot time. startpar (which also starts sslh)
stays running forever as it waits until sslh detaches from the terminal.
Therefore sslh stderr messages are forwarded to the tty 1 console and flood
it every time sslh prints something to stdout.

startpar really should not be running after the boot process finishes.

See outputs:
$ ps auxf | grep sslh
sslh 2567 0.0 0.5 2276 880 ? Ss 2018 0:00 /usr/sbin/sslh ...
sslh 2570 0.0 0.2 2276 420 ? S 2018 0:00 \_ /usr/sbin/sslh ...
sslh 2571 0.0 0.2 2276 420 ? S 2018 0:00 \_ /usr/sbin/sslh ...
root 2599 0.0 0.5 1716 880 ? Ss 2018 0:00 startpar -f -- sslh
$ ls -l -a /proc/2567/fd
total 0
dr-x------ 2 root root 0 Jan 13 14:43 .
dr-xr-xr-x 7 sslh sslh 0 Dec 27 17:48 ..
lrwx------ 1 root root 64 Jan 13 14:43 0 -> /dev/console
lrwx------ 1 root root 64 Jan 13 14:43 1 -> /dev/pts/3
lrwx------ 1 root root 64 Jan 13 14:43 2 -> /dev/pts/3
lrwx------ 1 root root 64 Jan 13 14:43 3 -> socket:[6986]
lrwx------ 1 root root 64 Jan 13 14:43 4 -> socket:[6987]
lrwx------ 1 root root 64 Jan 13 14:43 5 -> socket:[6997]
$ ls -l -a /proc/2599/fd
total 0
dr-x------ 2 root root 0 Jan 13 14:43 .
dr-xr-xr-x 7 root root 0 Dec 27 17:48 ..
lrwx------ 1 root root 64 Jan 13 14:43 0 -> /dev/ptmx
lrwx------ 1 root root 64 Jan 13 14:43 1 -> /dev/console
lrwx------ 1 root root 64 Jan 13 14:43 2 -> /dev/console
To fix this problem, start-stop-daemon in the sslh init script needs to be
told to automatically close file descriptors 0, 1 and 2.
start-stop-daemon does this automatically when invoked with the --background
option (0, 1 and 2 are reopened with /dev/null).
So here is a simple patch for the sslh init.d script which fixes this problem:
--- /etc/init.d/sslh 2012-05-25 18:38:40.000000000 +0200
+++ /etc/init.d/sslh 2019-01-13 15:05:44.000000000 +0100
@@ -67,7 +67,7 @@ do_start()
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON
--test > /dev/null \
|| return 1
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ start-stop-daemon --start --quiet --background --pidfile $PIDFILE
--exec $DAEMON -- \
$DAEMON_OPTS \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
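Review bot: On the added `--background` line, the `|| return 2` that follows no longer detects a failed sslh start, because with `--background` start-stop-daemon forks before executing the daemon and cannot check its exit status. Since sslh reports errors with fprintf(stderr, ...) and stderr now points to /dev/null, a startup failure becomes silent. Suggest adding a post-start check at the "# Add code here, if necessary, that waits for the process to be ready" comment (for example, confirm that the process named in $PIDFILE is alive and return 2 otherwise), and fixing the root cause in sslh itself by reopening 0, 1 and 2 on /dev/null after fork and logging through syslog in background mode.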
After applying this patch, the file descriptor list for sslh is:
$ pidof sslh
19138 19137 19135
$ ls -l -a /proc/19135/fd
total 0
dr-x------ 2 root root 0 Jan 13 15:06 .
dr-xr-xr-x 7 sslh sslh 0 Jan 13 15:06 ..
lrwx------ 1 root root 64 Jan 13 15:06 0 -> /dev/null
lrwx------ 1 root root 64 Jan 13 15:06 1 -> /dev/null
lrwx------ 1 root root 64 Jan 13 15:06 2 -> /dev/null
lrwx------ 1 root root 64 Jan 13 15:06 3 -> socket:[496978]
lrwx------ 1 root root 64 Jan 13 15:06 4 -> socket:[496979]
lrwx------ 1 root root 64 Jan 13 15:06 5 -> socket:[496984]
So the daemon is finally detached from the terminal.
--
Pali Rohár
[email protected]
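
The check done by hand in the /proc listings above can be scripted; the following is an added example, not part of the original report or of the sslh package. The function name std_fds_on_tty and its optional proc-root argument (which lets the check run against a constructed directory tree) are assumptions.

```shell
#!/bin/sh
# Added example: report standard descriptors of a process that still point at
# a terminal or the console, as in the /proc/<pid>/fd listings of the report.
# std_fds_on_tty and its optional proc-root argument are hypothetical names.

# Usage: std_fds_on_tty PID [PROC_ROOT]
# Prints one "fd -> target" line per offending descriptor.
# Returns 0 if any of 0, 1, 2 is on a tty/console, 1 if none, 2 on error.
std_fds_on_tty() {
    pid=$1
    root=${2:-/proc}
    fd_dir=$root/$pid/fd
    if [ ! -d "$fd_dir" ]; then
        echo "std_fds_on_tty: no such process directory: $fd_dir" >&2
        return 2
    fi
    found=1
    for fd in 0 1 2; do
        # A closed descriptor has no entry; readlink fails and we skip it.
        target=$(readlink "$fd_dir/$fd" 2>/dev/null) || continue
        case $target in
            /dev/console|/dev/tty*|/dev/pts/*|/dev/ptmx)
                echo "$fd -> $target"
                found=0
                ;;
        esac
    done
    return $found
}
```

Reading /proc/<pid>/fd of a process owned by another user requires root.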