Date: Tue, 23 Jul 2002 01:10:05 -0700 (PDT) From: Peter Pentchev <roam@ringlet.net> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/40894: OpenSSH weird delays Message-ID: <200207230810.g6N8A5bL010222@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/40894; it has been noted by GNATS. From: Peter Pentchev <roam@ringlet.net> To: Jan Srzednicki <winfried@expro.pl> Cc: FreeBSD-gnats-submit@FreeBSD.org Subject: Re: bin/40894: OpenSSH weird delays Date: Tue, 23 Jul 2002 11:02:36 +0300 On Mon, Jul 22, 2002 at 09:38:53PM +0200, Jan Srzednicki wrote: > > >Number: 40894 > >Category: bin > >Synopsis: OpenSSH weird delays > >Originator: Jan Srzednicki > >Release: FreeBSD 4.6.1-RELEASE i386 > >Description: > > I've noticed some strange behaviour of recent versions of OpenSSH sshd > daemon. When I turn the UDP blackhole on (sysctl > net.inet.udp.blackhole=1) and try to ssh to a given machine, the > connection stops on: [snip] > > 20:48:42.738508 10.0.1.2.1064 > 10.0.1.2.53: 4817+ PTR? 2.1.0.10.in-addr.arpa. (39) > 20:48:42.738729 10.0.1.2.1065 > 10.0.1.2.53: 4817+ PTR? 2.1.0.10.in-addr.arpa. (39) > 20:48:42.738833 10.0.1.2.1066 > 10.0.1.2.53: 4817+ PTR? 2.1.0.10.in-addr.arpa. (39) > 20:48:42.738930 10.0.1.2.1067 > 10.0.1.2.53: 4817+ PTR? 2.1.0.10.in-addr.arpa. (39) > > Well, well. > > [21:05] mizantrop:~(8)# cat /etc/resolv.conf > nameserver 10.0.1.10 > nameserver 10.0.1.11 > > But.. of course. It doesn't happen when I turn off the > UsePrivilegeSeparation. chroot()ed unprivileged process does not have > access to /etc/resolv.conf, so it tries to ask on local interface.. and > waits for a timeout. How is this 'strange'? :) You seem to have found the reason for the delays yourself. From there, it is only a little step to the idea of copying your /etc/resolv.conf into the privilege separation's tree; that is, mkdir -p /var/empty/etc && cp -p /etc/resolv.conf /var/empty/etc/ Does this help? G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This sentence claims to be an Epimenides paradox, but it is lying. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207230810.g6N8A5bL010222>