bin/134694: gives false-positive when unable to obtain socket [WAS: sshd(8) - alert user when fails to execute from rc.d]

Eygene Ryabinkin rea-fbsd at
Wed May 20 10:20:05 UTC 2009

The following reply was made to PR bin/134694; it has been noted by GNATS.

From: Eygene Ryabinkin <rea-fbsd at>
To: Glen Barber <glen.j.barber at>
Cc: hackers at, bug-followup at
Subject: Re: bin/134694: gives false-positive when unable to obtain socket
	[WAS: sshd(8) - alert user when fails to execute from rc.d]
Date: Wed, 20 May 2009 14:19:22 +0400

 Glen, good day.
 Mon, May 18, 2009 at 10:49:52PM -0400, Glen Barber wrote:
 > Earlier this evening, I submitted a PR about sshd(8) giving a
 > false-positive when starting on an already occupied socket[1].  I
 > would like to enable some form of console output when the rc.d script
 > is called if the service cannot properly bind to the socket, but I
 > want to make sure I do it "the right way."
 Reading through the PR, I can't figure out what do you mean.
 You're saying that
  1. you spawn the other service on a port N;
  2. then you're spawning SSH on the same port via rc.d script;
  3. after this '/etc/rc.d/sshd status' gives you 'sshd is not running'.
 But this is completely right: after step 2 there will be no SSH daemon
 listening, because it fails to bind to the port.  And the 'status'
 command of an rc.d script is perfectly correct -- no SSH daemon is
 running, really.
 > I was digging through src/crypto/openssh/sshd.c hoping to submit a
 > patch to enable this, but I'm not certain that is the right place to
 > be looking.  After digging through erc/etc/rc.d/sshd, I am failing to
 > understand how the service would check the listening port, so now I
 > feel like I am hitting a wall.
 You seem to mix two things: binding to the port and the output from rc.d
 'status' command.  Binding to the port is done by SSH by the bind(2)
 system call and if something is already listening on the given address,
 the socket won't be bound, so SSH daemon terminates.
 'status' (for the case of /etc/rc.d/sshd) deduces the status of the
 service from it's pid file (variable pidfile) with the subroutine
 check_pidfile.  Look at /etc/rc.subr: 'status' is handled via
 "run_rc_command status" that evaluates _pidcmd that sets $rc_pid.  And
 then $rc_pid it checked for being non-empty, and if emptiness found,
                                 echo "${name} is not running."
 is executed.  It produces the result you're seeing.
 So, I would say that the PR in question is somewhat false positive.
  _                ___       _.--.   #
  \`.|\..----...-'`   `-._.-'_.-'`   #  Remember that it is hard
  /  ' `         ,       __.--'      #  to read the on-line manual
  )/' _/     \   `-_,   /            #  while single-stepping the kernel.
  `-'" `"\_  ,_.-;_.-\_ ',  fsc/as   #
      _.-'_./   {_.'   ; /           #    -- FreeBSD Developers handbook
     {_.-``-'         {_/            #

More information about the freebsd-bugs mailing list