Re: SSH: zombie appearse probably related to PAM
On Sun, Apr 21, 2002 at 20:02:59 +0200, Dag-Erling Smorgrav wrote: > Dag-Erling Smorgrav <[EMAIL PROTECTED]> writes: > > Actually, it means *sshd* omits waiting for its own child - PAM does > > not fork - and it still does not explain why I can't reproduce the > > problem. In any case, please try the attached patch. > > Umm, my brain was off when I wrote that. Here's a working patch (that > also fixes some warnings) The bug is gone after patch, thanx. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: SSH: zombie appearse probably related to PAM
Dag-Erling Smorgrav <[EMAIL PROTECTED]> writes:
> Actually, it means *sshd* omits waiting for its own child - PAM does
> not fork - and it still does not explain why I can't reproduce the
> problem. In any case, please try the attached patch.
Umm, my brain was off when I wrote that. Here's a working patch (that
also fixes some warnings)
DES
--
Dag-Erling Smorgrav - [EMAIL PROTECTED]
//depot/user/des/pam/crypto/openssh/auth2-pam.c#1 - /usr/src/crypto/openssh/auth2-pam.c
--- /tmp/tmp.36998.0 Sun Apr 21 20:00:05 2002
+++ /usr/src/crypto/openssh/auth2-pam.c Sun Apr 21 19:58:57 2002
@@ -41,6 +41,7 @@
#include
#include "auth.h"
+#include "log.h"
#include "xmalloc.h"
struct pam_ctxt {
@@ -128,8 +129,6 @@
void *data)
{
struct pam_ctxt *ctxt;
- char *line;
- size_t len;
int i;
ctxt = data;
@@ -176,7 +175,6 @@
{
struct pam_conv pam_conv = { pam_child_conv, ctxt };
pam_handle_t *pamh;
- char *msg;
int pam_err;
pam_err = pam_start("sshd", ctxt->pam_user, &pam_conv, &pamh);
@@ -315,10 +313,11 @@
pam_free_ctx(void *ctxtp)
{
struct pam_ctxt *ctxt = ctxtp;
- int i;
+ int status;
close(ctxt->pam_sock);
kill(ctxt->pam_pid, SIGHUP);
+ waitpid(ctxt->pam_pid, &status, 0);
xfree(ctxt->pam_user);
xfree(ctxt);
}
Re: SSH: zombie appearse probably related to PAM
On Sat, Apr 20, 2002 at 20:07:53 +0400, Andrey A. Chernov wrote: > On Sat, Apr 20, 2002 at 18:03:07 +0200, Dag-Erling Smorgrav wrote: > > "Andrey A. Chernov" <[EMAIL PROTECTED]> writes: > > > It happens only with 'localhost' and not in remote case. To > > > reproduce it, call: > > > ssh localhost > > > login normally and then exit. At exit you'll see following message on > > > console (or /var/log/messages): > > > > > > sshd[]: error: session_by_pid: unknown pid > > > > I can't reproduce this. > > Well, I'll try to dig out more details after some sleep... Finally I found who is responsoble for zombie. Yes it is PAM as I think initially. This process started in the pam_init_ctx() function in the auth2-pam.c, then dies to zombie. I found it simply printing pid after each fork and looking into 'ps' and error diagnostic above. It means PAM forget to wait for its own child. Please fix. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: SSH: zombie appearse probably related to PAM
This one still present, libutil/login.c commit not fix it. On Sat, Apr 20, 2002 at 14:19:55 +0400, Andrey A. Chernov wrote: > WARNING: this bug present even _before_ my changes, tested with session.c > v1.22 > > It happens only with 'localhost' and not in remote case. To > reproduce it, call: > ssh localhost > login normally and then exit. At exit you'll see following message on > console (or /var/log/messages): > > sshd[]: error: session_by_pid: unknown pid > > This is harmless, because this is pid of sshd zombie, but > how this zombie appearse? Why it not happens with remote login? > I suspect that PAM code can be involved here, but I am not sure... -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
SSH: zombie appearse probably related to PAM
WARNING: this bug present even _before_ my changes, tested with session.c v1.22 It happens only with 'localhost' and not in remote case. To reproduce it, call: ssh localhost login normally and then exit. At exit you'll see following message on console (or /var/log/messages): sshd[]: error: session_by_pid: unknown pid This is harmless, because this is pid of sshd zombie, but how this zombie appearse? Why it not happens with remote login? I suspect that PAM code can be involved here, but I am not sure... -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
