Re: SSH: zombie appearse probably related to PAM
On Sat, Apr 20, 2002 at 20:07:53 +0400, Andrey A. Chernov wrote: On Sat, Apr 20, 2002 at 18:03:07 +0200, Dag-Erling Smorgrav wrote: Andrey A. Chernov [EMAIL PROTECTED] writes: It happens only with 'localhost' and not in remote case. To reproduce it, call: ssh localhost login normally and then exit. At exit you'll see following message on console (or /var/log/messages): sshd[its_pid]: error: session_by_pid: unknown pid some_pid I can't reproduce this. Well, I'll try to dig out more details after some sleep... Finally I found who is responsoble for zombie. Yes it is PAM as I think initially. This process started in the pam_init_ctx() function in the auth2-pam.c, then dies to zombie. I found it simply printing pid after each fork and looking into 'ps' and error diagnostic above. It means PAM forget to wait for its own child. Please fix. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: SSH: zombie appearse probably related to PAM
Dag-Erling Smorgrav [EMAIL PROTECTED] writes: Actually, it means *sshd* omits waiting for its own child - PAM does not fork - and it still does not explain why I can't reproduce the problem. In any case, please try the attached patch. Umm, my brain was off when I wrote that. Here's a working patch (that also fixes some warnings) DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] //depot/user/des/pam/crypto/openssh/auth2-pam.c#1 - /usr/src/crypto/openssh/auth2-pam.c --- /tmp/tmp.36998.0 Sun Apr 21 20:00:05 2002 +++ /usr/src/crypto/openssh/auth2-pam.c Sun Apr 21 19:58:57 2002 @@ -41,6 +41,7 @@ #include security/pam_appl.h #include auth.h +#include log.h #include xmalloc.h struct pam_ctxt { @@ -128,8 +129,6 @@ void *data) { struct pam_ctxt *ctxt; - char *line; - size_t len; int i; ctxt = data; @@ -176,7 +175,6 @@ { struct pam_conv pam_conv = { pam_child_conv, ctxt }; pam_handle_t *pamh; - char *msg; int pam_err; pam_err = pam_start(sshd, ctxt-pam_user, pam_conv, pamh); @@ -315,10 +313,11 @@ pam_free_ctx(void *ctxtp) { struct pam_ctxt *ctxt = ctxtp; - int i; + int status; close(ctxt-pam_sock); kill(ctxt-pam_pid, SIGHUP); + waitpid(ctxt-pam_pid, status, 0); xfree(ctxt-pam_user); xfree(ctxt); }
Re: SSH: zombie appearse probably related to PAM
On Sun, Apr 21, 2002 at 20:02:59 +0200, Dag-Erling Smorgrav wrote: Dag-Erling Smorgrav [EMAIL PROTECTED] writes: Actually, it means *sshd* omits waiting for its own child - PAM does not fork - and it still does not explain why I can't reproduce the problem. In any case, please try the attached patch. Umm, my brain was off when I wrote that. Here's a working patch (that also fixes some warnings) The bug is gone after patch, thanx. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: SSH: zombie appearse probably related to PAM
This one still present, libutil/login.c commit not fix it. On Sat, Apr 20, 2002 at 14:19:55 +0400, Andrey A. Chernov wrote: WARNING: this bug present even _before_ my changes, tested with session.c v1.22 It happens only with 'localhost' and not in remote case. To reproduce it, call: ssh localhost login normally and then exit. At exit you'll see following message on console (or /var/log/messages): sshd[its_pid]: error: session_by_pid: unknown pid some_pid This is harmless, because this some_pid is pid of sshd zombie, but how this zombie appearse? Why it not happens with remote login? I suspect that PAM code can be involved here, but I am not sure... -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message