Re: SSH: zombie appearse probably related to PAM
On Sat, Apr 20, 2002 at 20:07:53 +0400, Andrey A. Chernov wrote: On Sat, Apr 20, 2002 at 18:03:07 +0200, Dag-Erling Smorgrav wrote: Andrey A. Chernov [EMAIL PROTECTED] writes: It happens only with 'localhost' and not in remote case. To reproduce it, call: ssh localhost login normally and then exit. At exit you'll see following message on console (or /var/log/messages): sshd[its_pid]: error: session_by_pid: unknown pid some_pid I can't reproduce this. Well, I'll try to dig out more details after some sleep... Finally I found who is responsoble for zombie. Yes it is PAM as I think initially. This process started in the pam_init_ctx() function in the auth2-pam.c, then dies to zombie. I found it simply printing pid after each fork and looking into 'ps' and error diagnostic above. It means PAM forget to wait for its own child. Please fix. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: SSH: zombie appearse probably related to PAM
Dag-Erling Smorgrav [EMAIL PROTECTED] writes:
Actually, it means *sshd* omits waiting for its own child - PAM does
not fork - and it still does not explain why I can't reproduce the
problem. In any case, please try the attached patch.
Umm, my brain was off when I wrote that. Here's a working patch (that
also fixes some warnings)
DES
--
Dag-Erling Smorgrav - [EMAIL PROTECTED]
//depot/user/des/pam/crypto/openssh/auth2-pam.c#1 - /usr/src/crypto/openssh/auth2-pam.c
--- /tmp/tmp.36998.0 Sun Apr 21 20:00:05 2002
+++ /usr/src/crypto/openssh/auth2-pam.c Sun Apr 21 19:58:57 2002
@@ -41,6 +41,7 @@
#include security/pam_appl.h
#include auth.h
+#include log.h
#include xmalloc.h
struct pam_ctxt {
@@ -128,8 +129,6 @@
void *data)
{
struct pam_ctxt *ctxt;
- char *line;
- size_t len;
int i;
ctxt = data;
@@ -176,7 +175,6 @@
{
struct pam_conv pam_conv = { pam_child_conv, ctxt };
pam_handle_t *pamh;
- char *msg;
int pam_err;
pam_err = pam_start(sshd, ctxt-pam_user, pam_conv, pamh);
@@ -315,10 +313,11 @@
pam_free_ctx(void *ctxtp)
{
struct pam_ctxt *ctxt = ctxtp;
- int i;
+ int status;
close(ctxt-pam_sock);
kill(ctxt-pam_pid, SIGHUP);
+ waitpid(ctxt-pam_pid, status, 0);
xfree(ctxt-pam_user);
xfree(ctxt);
}
Re: SSH: zombie appearse probably related to PAM
On Sun, Apr 21, 2002 at 20:02:59 +0200, Dag-Erling Smorgrav wrote: Dag-Erling Smorgrav [EMAIL PROTECTED] writes: Actually, it means *sshd* omits waiting for its own child - PAM does not fork - and it still does not explain why I can't reproduce the problem. In any case, please try the attached patch. Umm, my brain was off when I wrote that. Here's a working patch (that also fixes some warnings) The bug is gone after patch, thanx. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: SSH: zombie appearse probably related to PAM
This one still present, libutil/login.c commit not fix it. On Sat, Apr 20, 2002 at 14:19:55 +0400, Andrey A. Chernov wrote: WARNING: this bug present even _before_ my changes, tested with session.c v1.22 It happens only with 'localhost' and not in remote case. To reproduce it, call: ssh localhost login normally and then exit. At exit you'll see following message on console (or /var/log/messages): sshd[its_pid]: error: session_by_pid: unknown pid some_pid This is harmless, because this some_pid is pid of sshd zombie, but how this zombie appearse? Why it not happens with remote login? I suspect that PAM code can be involved here, but I am not sure... -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
