[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2341

--- Comment #17 from Jakob Schlyter  ---
Almost 2 years now, still not fixed. What's holding this back?

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2646] zombie processes when using privilege separation

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2646

Darren Tucker  changed:

   What|Removed |Added

 CC||dtuc...@zip.com.au

--- Comment #2 from Darren Tucker  ---
(In reply to Akshay from comment #0)
> I'm using `OpenSSH_7.2p2 Ubuntu-4ubuntu1, OpenSSL 1.0.2g-fips` and

That's a vendor-modified version of OpenSSH.  Can you reproduce the
problem with a binary built from the stock sources from openssh.com? 
What command line flags is sshd invoked with?

> Is there any reason that sshd can't reap its children after they
> exit?

It does (or at least it should):
https://anongit.mindrot.org/openssh.git/tree/sshd.c#n317

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2646] New: zombie processes when using privilege separation

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2646

Bug ID: 2646
   Summary: zombie processes when using privilege separation
   Product: Portable OpenSSH
   Version: 7.2p2
  Hardware: ix86
OS: Linux
Status: NEW
  Severity: minor
  Priority: P5
 Component: sshd
  Assignee: unassigned-b...@mindrot.org
  Reporter: akshay.mo...@gmail.com

I'm using `OpenSSH_7.2p2 Ubuntu-4ubuntu1, OpenSSL 1.0.2g-fips` and I've
explicitly enabled UsePrivilegeSeparation.

With this I notice that the [priv] process does not get reaped by its
parent (sshd) and as a result is adopted by whatever pid 1 happens to
be. Normally this is okay since most init systems will handle this
correctly, however in containers we might encounter homemade "init"
systems that only serve to propagate signals but don't reap adopted
zombie processes. In such cases we accumulate these zombies over time
and can lead to obvious problems.

Is there any reason that sshd can't reap its children after they exit?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2646] zombie processes when using privilege separation

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2646

--- Comment #1 from Akshay  ---
Steps to reproduce the issue:

- using a docker container running phusion/baseimage:latest.
- modify sshd_config to explicitly enable UsePrivilegeSeparation
- start sshd
- trace the init process in the container
- ssh into the container, then exit
- notice that the init process ends up 'wait'ing for the zombied sshd

Alternatively

- hack up a 'init' process that simply launches sshd in the container
- log in , log out
- notice `ps auxf` listing in the container now has zombie ssh process

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2646] zombie processes when using privilege separation

[bugzilla-daemon]

https://bugzilla.mindrot.org/show_bug.cgi?id=2646

Akshay  changed:

   What|Removed |Added

 CC||akshay.mo...@gmail.com

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
___
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs