bin/134694: gives false-positive when unable to obtain socket
[WAS: sshd(8) - alert user when fails to execute from rc.d]
Glen Barber
glen.j.barber at gmail.com
Wed May 20 15:10:03 UTC 2009
The following reply was made to PR bin/134694; it has been noted by GNATS.
From: Glen Barber <glen.j.barber at gmail.com>
To: rea-fbsd at codelabs.ru
Cc: hackers at freebsd.org, bug-followup at freebsd.org
Subject: Re: bin/134694: gives false-positive when unable to obtain socket
[WAS: sshd(8) - alert user when fails to execute from rc.d]
Date: Wed, 20 May 2009 10:38:18 -0400
Hi, Eygene
On Wed, May 20, 2009 at 6:19 AM, Eygene Ryabinkin <rea-fbsd at codelabs.ru> wr=
ote:
> Glen, good day.
>
> Mon, May 18, 2009 at 10:49:52PM -0400, Glen Barber wrote:
>> Earlier this evening, I submitted a PR about sshd(8) giving a
>> false-positive when starting on an already occupied socket[1]. =A0I
>> would like to enable some form of console output when the rc.d script
>> is called if the service cannot properly bind to the socket, but I
>> want to make sure I do it "the right way."
>
> Reading through the PR, I can't figure out what do you mean.
> You're saying that
> =A01. you spawn the other service on a port N;
> =A02. then you're spawning SSH on the same port via rc.d script;
> =A03. after this '/etc/rc.d/sshd status' gives you 'sshd is not running'.
>
> But this is completely right: after step 2 there will be no SSH daemon
> listening, because it fails to bind to the port. =A0And the 'status'
> command of an rc.d script is perfectly correct -- no SSH daemon is
> running, really.
>
That is correct. There is no daemon running, but there is no output
on the console that starting sshd failed -- it is only listed in
messages. (And if you don't know it failed, you may never look in
messages to realize this.)
>> I was digging through src/crypto/openssh/sshd.c hoping to submit a
>> patch to enable this, but I'm not certain that is the right place to
>> be looking. =A0After digging through erc/etc/rc.d/sshd, I am failing to
>> understand how the service would check the listening port, so now I
>> feel like I am hitting a wall.
>
> You seem to mix two things: binding to the port and the output from rc.d
> 'status' command. =A0Binding to the port is done by SSH by the bind(2)
> system call and if something is already listening on the given address,
> the socket won't be bound, so SSH daemon terminates.
>
> 'status' (for the case of /etc/rc.d/sshd) deduces the status of the
> service from it's pid file (variable pidfile) with the subroutine
> check_pidfile. =A0Look at /etc/rc.subr: 'status' is handled via
> "run_rc_command status" that evaluates _pidcmd that sets $rc_pid. =A0And
> then $rc_pid it checked for being non-empty, and if emptiness found,
> command
> -----
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0echo "${na=
me} is not running."
> -----
> is executed. =A0It produces the result you're seeing.
>
> So, I would say that the PR in question is somewhat false positive.
> --
> Eygene
> =A0_ =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0___ =A0 =A0 =A0 _.--. =A0 #
> =A0\`.|\..----...-'` =A0 `-._.-'_.-'` =A0 # =A0Remember that it is hard
> =A0/ =A0' ` =A0 =A0 =A0 =A0 , =A0 =A0 =A0 __.--' =A0 =A0 =A0# =A0to read =
the on-line manual
> =A0)/' _/ =A0 =A0 \ =A0 `-_, =A0 / =A0 =A0 =A0 =A0 =A0 =A0# =A0while sing=
le-stepping the kernel.
> =A0`-'" `"\_ =A0,_.-;_.-\_ ', =A0fsc/as =A0 #
> =A0 =A0 _.-'_./ =A0 {_.' =A0 ; / =A0 =A0 =A0 =A0 =A0 # =A0 =A0-- FreeBSD =
Developers handbook
> =A0 =A0{_.-``-' =A0 =A0 =A0 =A0 {_/ =A0 =A0 =A0 =A0 =A0 =A0#
>
--=20
Glen Barber
More information about the freebsd-bugs
mailing list