Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0

To: Jari Aalto <jari.aalto@cante.net>, 367993@bugs.debian.org
Cc: control@bugs.debian.org
Subject: Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
From: Justin Pryzby <justinpryzby@users.sourceforge.net>
Date: Fri, 19 May 2006 08:26:10 -0400
Message-id: <[🔎] 20060519122610.GD18008@andromeda>
Reply-to: Justin Pryzby <justinpryzby@users.sourceforge.net>, 367993@bugs.debian.org
In-reply-to: <[🔎] 20060519053711.15675.90990.reportbug@cante>
References: <[🔎] 20060519053711.15675.90990.reportbug@cante>

clone 367993 -1 -2
reassign -1 dpkg
retitle -1 dpkg: [S-S-D]: --oknodo should exit unsuccessfully if there was stuff to do, but it failed
retitle 367993 ssh: fails to show any error when start/stop as normal user fails
retitle -2 ssh: immediate failure of a child process doesn't cause an unsuccessful exit.
tag 367993 moreinfo
thanks

On Fri, May 19, 2006 at 08:37:11AM +0300, Jari Aalto wrote:
> Package: openssh-server
> Version: 1:4.3p2-1
> Severity: normal
> 
> DESCRIPTION
> 
>     foo@host:~$ /etc/init.d/ssh start
>     foo@host:~$ echo $?
>     0
>     foo@host:~$ id -a
>     uid=1000(foo) gid=1000(foo) groups=44(video),1000(foo)
> 
> SUGGESTION
> 
> The service start script
> 
> 1) Should return error (cannot commence any command non-root)
This is actually a dpkg bug; start-stop-daemon is failing to do
anything, but since --oknodo is given, it succeeds.  IMO this is
incorrect for the case that it does nothing for any reason other than
"there was nothing to do", in particular for the case that permission
was denied:

$ /sbin/start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; echo $?
/sbin/start-stop-daemon: warning: failed to kill 5870: Operation not permitted
0

> 2) Display error message, that user does not have privileges
>    to run the command
I actually get an error message for both start and stop:
$ /etc/init.d/ssh stop
Stopping OpenBSD Secure Shell server: sshdstart-stop-daemon: warning: failed to kill 5870: Operation not permitted
.
$ /etc/init.d/ssh start
Starting OpenBSD Secure Shell server: sshdCould not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
.

Please give the output of bash -x /etc/init.d/ssh start, and then bash -x
/etc/init.d/ssh stop (as a normal user).

This also seems to be an ssh bug, to the effect of "the parent exits
successfully without waiting for necessary startup stuff to happen in
the child, which immediately fails".

$ /usr/sbin/sshd; echo $?
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
0

Hmmm stracing seems to indicate that it isn't an "fork and exit
immediately" problem, but rather an "failure message from the child
doesn't cause unsuccessful exit" problem.

Justin

Reply to:

Follow-Ups:
- Processed: Re: Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

References:
- Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
  - From: Jari Aalto <jari.aalto@cante.net>

Prev by Date: Bug#367971: marked as done (openssh: [INTL:sv] Swedish debconf templates translation)
Next by Date: Processed: Re: Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
Previous by thread: Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
Next by thread: Processed: Re: Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
Index(es):
- Date
- Thread