Date: Wed, 20 May 2009 13:18:15 +0200
From: Tobias Fendin <tobias.fendin@glocalnet.net>
To: Dimitry Andric <dimitry@andric.com>
Cc: Glen Barber <glen.j.barber@gmail.com>, hackers@freebsd.org, bug-followup@freebsd.org
Subject: Re: bin/134694: gives false-positive when unable to obtain socket [WAS: sshd(8) - alert user when fails to execute from rc.d]
Message-ID: <4A13E6F7.7070309@glocalnet.net>
In-Reply-To: <4A13E180.1040606@andric.com>
References: <4ad871310905181949s2874795eoa5ddf425746310bf@mail.gmail.com> <Ef8BU7l8PyKhYzlJNCX2WAa41WY@cgr/Aoyjz11KtFDB23HMnFSn04s> <4A13E180.1040606@andric.com>

Dimitry Andric wrote:
> On 2009-05-20 12:19, Eygene Ryabinkin wrote:
>
>> You seem to mix two things: binding to the port and the output from rc.d
>> 'status' command. Binding to the port is done by SSH by the bind(2)
>> system call and if something is already listening on the given address,
>> the socket won't be bound, so SSH daemon terminates.
>>
>
> I think what might be confusing, is the fact that sshd dies due to
> bind() failing, and it should; but you will only see this in the syslog,
> NOT on the command line.
>
> E.g. the /etc/rc.d/sshd script will NOT give an error, because the
> /usr/bin/sshd it calls will fork, and as soon as the fork is okay, the
> original instance will exit with 0. The forked instance is what will
> die on bind(), so you will not see any failures from it.
>

Does the child really die? I did a little test:

# /etc/rc.d/sshd status
sshd is not running.
# nc -l 22 >/tmp/ssh_test &
[1] 1733
# /etc/rc.d/sshd start
Starting sshd.
# /etc/rc.d/sshd status
sshd is running as pid 1740.
# ssh someuser@localhost
// This didn't timeout or anything, just didn't give any output. I killed it after a couple of minutes.
^C
[1]+ Done nc -l 22 > /tmp/ssh_test
# ssh someuser@localhost
The authenticity of host 'localhost (::1)' can't be established.
DSA key fingerprint is 9f:fa:ee:f5:39:c5:de:c4:8f:b9:c5:43:d8:9d:85:23.
Are you sure you want to continue connecting (yes/no)? ^C
# uname -a
FreeBSD asator 7.0-RELEASE-p2 FreeBSD 7.0-RELEASE-p2 #0: Thu Mar 5 03:16:15 CET 2009 root@asator:/usr/obj/usr/src/sys/A_KERNEL i386

As you can see, the first execution of ssh connects to nc (which terminated when I killed the ssh client). And on the second execution it gets through to sshd (thus, sshd never failed at its startup).
I don't know if this is the expected behavior, or if it has changed on -CURRENT.
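
The fork-then-bind sequence described in the quoted text, as an added example that is not part of the original message and is not sshd's code: the parent returns 0 once fork() succeeds, so a bind() failure in the child never reaches the start script, unless the child reports its result first. The names bind_loopback, start_daemon and report_bind are hypothetical, and the pipe handshake is an assumed remedy that the thread does not propose.

```c
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Bind and listen on 127.0.0.1:port (0 = kernel picks one). Returns fd or -1. */
static int bind_loopback(unsigned short port, unsigned short *bound)
{
    struct sockaddr_in sa = { .sin_family = AF_INET };
    socklen_t len = sizeof(sa);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    sa.sin_port = htons(port);
    if (bind(fd, (struct sockaddr *)&sa, sizeof(sa)) < 0 || listen(fd, 1) < 0 ||
        getsockname(fd, (struct sockaddr *)&sa, &len) < 0) {
        close(fd);
        return -1;
    }
    if (bound)
        *bound = ntohs(sa.sin_port);
    return fd;
}

/* Exit status a start script would see. report_bind=0: parent succeeds once fork()
 * does (behaviour described above); 1: parent waits for the child's bind result. */
static int start_daemon(unsigned short port, int report_bind)
{
    int p[2];
    char ok = 0;
    pid_t pid;
    if (pipe(p) < 0)
        return 1;
    if ((pid = fork()) < 0) { close(p[0]); close(p[1]); return 1; }
    if (pid == 0) {                       /* child: the instance that binds */
        ok = bind_loopback(port, NULL) >= 0;
        if (report_bind && write(p[1], &ok, 1) != 1)
            _exit(1);
        _exit(ok ? 0 : 1);                /* demo only: exits instead of serving */
    }
    close(p[1]);
    if (report_bind && read(p[0], &ok, 1) != 1)
        ok = 0;                           /* child died before reporting */
    close(p[0]);
    waitpid(pid, NULL, 0);                /* demo only: reap the child */
    return report_bind ? (ok ? 0 : 1) : 0;
}
```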