Re: SSH: zombie appearse probably related to PAM
On Sun, Apr 21, 2002 at 20:02:59 +0200, Dag-Erling Smorgrav wrote: > Dag-Erling Smorgrav <[EMAIL PROTECTED]> writes: > > Actually, it means *sshd* omits waiting for its own child - PAM does > > not fork - and it still does not explain why I can't reproduce the > > problem. In any case, please try the attached patch. > > Umm, my brain was off when I wrote that. Here's a working patch (that > also fixes some warnings) The bug is gone after patch, thanx. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: SSH: zombie appearse probably related to PAM
Dag-Erling Smorgrav <[EMAIL PROTECTED]> writes: > Actually, it means *sshd* omits waiting for its own child - PAM does > not fork - and it still does not explain why I can't reproduce the > problem. In any case, please try the attached patch. Umm, my brain was off when I wrote that. Here's a working patch (that also fixes some warnings) DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] //depot/user/des/pam/crypto/openssh/auth2-pam.c#1 - /usr/src/crypto/openssh/auth2-pam.c --- /tmp/tmp.36998.0 Sun Apr 21 20:00:05 2002 +++ /usr/src/crypto/openssh/auth2-pam.c Sun Apr 21 19:58:57 2002 @@ -41,6 +41,7 @@ #include #include "auth.h" +#include "log.h" #include "xmalloc.h" struct pam_ctxt { @@ -128,8 +129,6 @@ void *data) { struct pam_ctxt *ctxt; - char *line; - size_t len; int i; ctxt = data; @@ -176,7 +175,6 @@ { struct pam_conv pam_conv = { pam_child_conv, ctxt }; pam_handle_t *pamh; - char *msg; int pam_err; pam_err = pam_start("sshd", ctxt->pam_user, &pam_conv, &pamh); @@ -315,10 +313,11 @@ pam_free_ctx(void *ctxtp) { struct pam_ctxt *ctxt = ctxtp; - int i; + int status; close(ctxt->pam_sock); kill(ctxt->pam_pid, SIGHUP); + waitpid(ctxt->pam_pid, &status, 0); xfree(ctxt->pam_user); xfree(ctxt); }
Re: SSH: zombie appearse probably related to PAM
On Sat, Apr 20, 2002 at 20:07:53 +0400, Andrey A. Chernov wrote: > On Sat, Apr 20, 2002 at 18:03:07 +0200, Dag-Erling Smorgrav wrote: > > "Andrey A. Chernov" <[EMAIL PROTECTED]> writes: > > > It happens only with 'localhost' and not in remote case. To > > > reproduce it, call: > > > ssh localhost > > > login normally and then exit. At exit you'll see following message on > > > console (or /var/log/messages): > > > > > > sshd[]: error: session_by_pid: unknown pid > > > > I can't reproduce this. > > Well, I'll try to dig out more details after some sleep... Finally I found who is responsoble for zombie. Yes it is PAM as I think initially. This process started in the pam_init_ctx() function in the auth2-pam.c, then dies to zombie. I found it simply printing pid after each fork and looking into 'ps' and error diagnostic above. It means PAM forget to wait for its own child. Please fix. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: SSH: zombie appearse probably related to PAM
This one still present, libutil/login.c commit not fix it. On Sat, Apr 20, 2002 at 14:19:55 +0400, Andrey A. Chernov wrote: > WARNING: this bug present even _before_ my changes, tested with session.c > v1.22 > > It happens only with 'localhost' and not in remote case. To > reproduce it, call: > ssh localhost > login normally and then exit. At exit you'll see following message on > console (or /var/log/messages): > > sshd[]: error: session_by_pid: unknown pid > > This is harmless, because this is pid of sshd zombie, but > how this zombie appearse? Why it not happens with remote login? > I suspect that PAM code can be involved here, but I am not sure... -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
SSH: zombie appearse probably related to PAM
WARNING: this bug present even _before_ my changes, tested with session.c v1.22 It happens only with 'localhost' and not in remote case. To reproduce it, call: ssh localhost login normally and then exit. At exit you'll see following message on console (or /var/log/messages): sshd[]: error: session_by_pid: unknown pid This is harmless, because this is pid of sshd zombie, but how this zombie appearse? Why it not happens with remote login? I suspect that PAM code can be involved here, but I am not sure... -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message