[Bug 2646] zombie processes when using privilege separation
https://bugzilla.mindrot.org/show_bug.cgi?id=2646 --- Comment #8 from Akshay--- Also, adding the one line patch you suggested (on to 7.2p2*) does not fix the problem. I still see processes marked 'defunct' once I log out. * = your patch was probably on a different branch, because the line nos didnt seem to align. I was able to find the appropriate line using the comment above it -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2646] zombie processes when using privilege separation
https://bugzilla.mindrot.org/show_bug.cgi?id=2646 --- Comment #7 from Akshay--- Here is what happened when I tested with the '-r' option: Initially... root@4871a0e3589e:/# ps auxf USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 9 0.0 0.0 18248 3308 ?Ss 01:14 0:00 /bin/bash root27 0.0 0.0 34424 2908 ?R+ 01:14 0:00 \_ ps auxf root 1 0.1 0.0 40356 8196 ?Ssl+ 01:14 0:00 /usr/bin/ruby -- /init.rb root 8 0.0 0.0 26468 3772 ?S+ 01:14 0:00 /usr/sbin/sshd -D -r root19 0.0 0.0 29028 4084 ?Ss 01:14 0:00 \_ sshd: nsadmin [priv] nsadmin 21 0.0 0.0 29028 2668 ?S01:14 0:00 \_ sshd: nsadmin@pts/0 nsadmin 22 0.0 0.0 18252 3204 pts/0Ss+ 01:14 0:00 \_ -bash Later, (after login then logout)... root@4871a0e3589e:/# ps auxf USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 9 0.0 0.0 18248 3324 ?Ss 01:14 0:00 /bin/bash root29 0.0 0.0 34424 2824 ?R+ 01:14 0:00 \_ ps auxf root 1 0.1 0.0 40356 8196 ?Ssl+ 01:14 0:00 /usr/bin/ruby -- /init.rb root 8 0.0 0.0 26468 3772 ?S+ 01:14 0:00 /usr/sbin/sshd -D -r nsadmin 21 0.0 0.0 0 0 ?Z01:14 0:00 [sshd] -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Damien Millerchanged: What|Removed |Added Attachment #2917||ok+ Flags|| -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Darren Tuckerchanged: What|Removed |Added Attachment #2916|0 |1 is obsolete|| --- Comment #22 from Darren Tucker --- Created attachment 2917 --> https://bugzilla.mindrot.org/attachment.cgi?id=2917=edit OSX X11: if using launchd socket, remove the screen number (In reply to Damien Miller from comment #21) > hemi-demi-nitpick: remove braces done. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Damien Millerchanged: What|Removed |Added Attachment #2915|0 |1 is obsolete|| -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Damien Millerchanged: What|Removed |Added Attachment #2916||ok+ Flags|| --- Comment #21 from Damien Miller --- Comment on attachment 2916 --> https://bugzilla.mindrot.org/attachment.cgi?id=2916 OSX X11: if using launchd socket, remove the screen number >+ if (stat(path, ) == 0) { >+ return 1; >+ } hemi-demi-nitpick: remove braces -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 --- Comment #20 from Darren Tucker--- Created attachment 2916 --> https://bugzilla.mindrot.org/attachment.cgi?id=2916=edit OSX X11: if using launchd socket, remove the screen number (In reply to Damien Miller from comment #19) > no need to wrap the remainder in and else block after return here. done > I'd stick "char *dot" at the start of the function and do > "if ((dot = strrchr(path, '.')) != NULL {" > on one line, but that's nitpicking :) done [...] > also nitpicking: maybe we should move this whole lot into a separate > function? left this one for now. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Damien Millerchanged: What|Removed |Added Attachment #2915|ok?(d...@mindrot.org)|ok+ Flags|| --- Comment #19 from Damien Miller --- Comment on attachment 2915 --> https://bugzilla.mindrot.org/attachment.cgi?id=2915 OSX X11: if using launchd socket, remove the screen number This is ok, my comments are just nitpicks: >+ if (stat(path, ) == 0) { >+ return 1; no need to wrap the remainder in and else block after return here. >+ } else { >+ char *dot = strrchr(path, '.'); I'd stick "char *dot" at the start of the function and do "if ((dot = strrchr(path, '.')) != NULL {" on one line, but that's nitpicking :) > #ifdef __APPLE__ >- if (strncmp(display, "/tmp/launch", 11) == 0) { >- sock = connect_local_xsocket_path(display); >- if (sock < 0) >- return -1; >+ /* Check if display is a path to a socket (as set by launchd). */ >+ { >+ char path[PATH_MAX]; > >- /* OK, we now have a connection to the display. */ >- return sock; >+ if (is_path_to_xsocket(display, path, sizeof(path))) { >+ debug("x11_connect_display: $DISPLAY is launchd"); >+ >+ /* Create a socket. */ >+ sock = connect_local_xsocket_path(path); >+ if (sock < 0) >+ return -1; >+ >+ /* OK, we now have a connection to the display. */ >+ return sock; also nitpicking: maybe we should move this whole lot into a separate function? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Darren Tuckerchanged: What|Removed |Added Attachment #2871|0 |1 is obsolete|| Attachment #2915||ok?(d...@mindrot.org) Flags|| --- Comment #18 from Darren Tucker --- Created attachment 2915 --> https://bugzilla.mindrot.org/attachment.cgi?id=2915=edit OSX X11: if using launchd socket, remove the screen number (In reply to Jakob Schlyter from comment #17) > Almost 2 years now, still not fixed. What's holding this back? Well, there was no patch that had the issues addressed and had been tested. This takes your last patch and fixes djm's comment#15. Could you please try it? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2646] zombie processes when using privilege separation
https://bugzilla.mindrot.org/show_bug.cgi?id=2646 --- Comment #6 from Darren Tucker--- Created attachment 2914 --> https://bugzilla.mindrot.org/attachment.cgi?id=2914=edit Add sigchld handler to inetd mode path I think this patch would also fix it. Could you please try it? -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2646] zombie processes when using privilege separation
https://bugzilla.mindrot.org/show_bug.cgi?id=2646 --- Comment #5 from Darren Tucker--- (In reply to Akshay from comment #4) > Okay, I was able to reproduce the issue using `OpenSSH_7.2p2, > OpenSSL 1.0.2g 1 Mar 2016` Thanks. > nsadmin 22 0.0 0.0 0 0 ?Z22:48 0:00 > [sshd] If I'm reading this correctly that's the post-auth unprivileged process (pid 22 in this example) not the [priv] process (pid 20 in this example). I think I can see how this would happen. After accepting the connection and forking off a copy, sshd re-execs itself with the "-R" flag in order to (hopefully) get a new address space layout. -R sets: case 'R': rexeced_flag = 1; inetd_flag = 1; then a bit later when the signal handlers are set up: /* Get a connection, either from inetd or a listening TCP socket */ if (inetd_flag) { server_accept_inetd(_in, _out); } else { [...] signal(SIGCHLD, main_sigchld_handler); You can test this theory by running your sshd with the (undocumented) "-r" option to disable the re-exec. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2646] zombie processes when using privilege separation
https://bugzilla.mindrot.org/show_bug.cgi?id=2646 --- Comment #4 from Akshay--- Okay, I was able to reproduce the issue using `OpenSSH_7.2p2, OpenSSL 1.0.2g 1 Mar 2016` First, I have a simple 'init' program that runs in a container. All it does is it launches sshd, and waits for the TERM signal. On receipt of TERM, it TERMs sshd, and exits. So, initially, here is what I see: root@4871a0e3589e:/# ps auxf USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 9 0.0 0.0 18248 3384 ?Ss 22:47 0:00 bash root19 0.0 0.0 34424 2820 ?R+ 22:48 0:00 \_ ps auxf root 1 0.4 0.0 40364 8220 ?Ssl+ 22:47 0:00 /usr/bin/ruby -- /init.rb root 8 0.0 0.0 26468 3844 ?S+ 22:47 0:00 /usr/sbin/sshd -D The bash process (that spawns ps) is 'exec'd in the container using docker exec so that I can view the process listing "out-of-band" (i.e without exercising sshd) Next, I log in, and list the processes (in-band, this time). This is what i see: nsadmin@4871a0e3589e:~$ ps auxf USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 40364 8220 ?Ssl+ 22:47 0:00 /usr/bin/ruby -- /init.rb root 8 0.0 0.0 26468 3844 ?S+ 22:47 0:00 /usr/sbin/sshd -D root20 0.0 0.0 29028 4532 ?Ss 22:48 0:00 \_ sshd: nsadmin [priv] nsadmin 22 0.0 0.0 29028 2624 ?S22:48 0:00 \_ sshd: nsadmin@pts/0 nsadmin 23 0.0 0.0 18256 3216 pts/0Ss 22:48 0:00 \_ -bash nsadmin 28 0.0 0.0 34424 2932 pts/0R+ 22:48 0:00 \_ ps auxf Then, I log out of the ssh session, and get the process listing using an exec'd shell: USER PID %CPU %MEMVSZ RSS TTY STAT START TIME COMMAND root29 0.0 0.0 18248 3264 ?Ss 22:48 0:00 /bin/bash root40 0.0 0.0 34424 2876 ?R+ 22:48 0:00 \_ ps auxf root 1 0.0 0.0 40364 8220 ?Ssl+ 22:47 0:00 /usr/bin/ruby -- /init.rb root 8 0.0 0.0 26468 3844 ?S+ 22:47 0:00 /usr/sbin/sshd -D nsadmin 22 0.0 0.0 0 0 ?Z22:48 0:00 [sshd] -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2646] zombie processes when using privilege separation
https://bugzilla.mindrot.org/show_bug.cgi?id=2646 --- Comment #3 from Akshay--- > Can you reproduce the problem with a binary built from the stock sources from > openssh.com Sure, I'll go ahead and do that > What command line flags is sshd invoked with I'll provide those as well -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 2341] XQuartz X11 forwarding not working in OS X 10.10 Yosemite
https://bugzilla.mindrot.org/show_bug.cgi?id=2341 Damien Millerchanged: What|Removed |Added Attachment #2871|ok?(d...@mindrot.org)|ok+ Flags|| -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs