Date: Wed, 20 May 2009 14:19:22 +0400 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: Glen Barber <glen.j.barber@gmail.com> Cc: hackers@freebsd.org, bug-followup@freebsd.org Subject: Re: bin/134694: gives false-positive when unable to obtain socket [WAS: sshd(8) - alert user when fails to execute from rc.d] Message-ID: <Ef8BU7l8PyKhYzlJNCX2WAa41WY@cgr/Aoyjz11KtFDB23HMnFSn04s> In-Reply-To: <4ad871310905181949s2874795eoa5ddf425746310bf@mail.gmail.com> References: <4ad871310905181949s2874795eoa5ddf425746310bf@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Glen, good day. Mon, May 18, 2009 at 10:49:52PM -0400, Glen Barber wrote: > Earlier this evening, I submitted a PR about sshd(8) giving a > false-positive when starting on an already occupied socket[1]. I > would like to enable some form of console output when the rc.d script > is called if the service cannot properly bind to the socket, but I > want to make sure I do it "the right way." Reading through the PR, I can't figure out what do you mean. You're saying that 1. you spawn the other service on a port N; 2. then you're spawning SSH on the same port via rc.d script; 3. after this '/etc/rc.d/sshd status' gives you 'sshd is not running'. But this is completely right: after step 2 there will be no SSH daemon listening, because it fails to bind to the port. And the 'status' command of an rc.d script is perfectly correct -- no SSH daemon is running, really. > I was digging through src/crypto/openssh/sshd.c hoping to submit a > patch to enable this, but I'm not certain that is the right place to > be looking. After digging through erc/etc/rc.d/sshd, I am failing to > understand how the service would check the listening port, so now I > feel like I am hitting a wall. You seem to mix two things: binding to the port and the output from rc.d 'status' command. Binding to the port is done by SSH by the bind(2) system call and if something is already listening on the given address, the socket won't be bound, so SSH daemon terminates. 'status' (for the case of /etc/rc.d/sshd) deduces the status of the service from it's pid file (variable pidfile) with the subroutine check_pidfile. Look at /etc/rc.subr: 'status' is handled via "run_rc_command status" that evaluates _pidcmd that sets $rc_pid. And then $rc_pid it checked for being non-empty, and if emptiness found, command ----- echo "${name} is not running." ----- is executed. It produces the result you're seeing. So, I would say that the PR in question is somewhat false positive. -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Ef8BU7l8PyKhYzlJNCX2WAa41WY>