Bug#714526: Should close stderr when becoming multiplex master
Package: openssh-client
Version: 1:6.2p2-5
Severity: wishlist
Tags: patch
Hi,
when becoming multiplex master and not closing stderr processes can hand
as described in #708296. This happens since Python's subprocess module
won't terminate Popen.communicate() when the chield dies but only when
it receives EOF on the fd.
While this is arguably a bug in python's subprocess module [1] being
"half" a daemon and closing most file descriptors like ssh currently
does is bad either.
I'm happy to modify the patch to not close stderr e.g. in case of
running in debug mode but wanted to get your feedback first.
Cheers,
-- Guido
[1] http://bugs.python.org/issue4216
-- System Information:
Debian Release: jessie/sid
APT prefers stable
APT policy: (990, 'stable'), (500, 'testing'), (50, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-client depends on:
ii adduser 3.113+nmu3
ii dpkg 1.16.10
ii libc6 2.17-3
ii libedit2 2.11-20080614-6
ii libgssapi-krb5-2 1.10.1+dfsg-5+deb7u1
ii libselinux1 2.1.13-2
ii libssl1.0.0 1.0.1e-3
ii passwd 1:4.1.5.1-1
ii zlib1g 1:1.2.8.dfsg-1
Versions of packages openssh-client recommends:
ii xauth 1:1.0.7-1
Versions of packages openssh-client suggests:
pn keychain <none>
pn libpam-ssh <none>
pn monkeysphere <none>
ii openssh-blacklist 0.4.1+nmu1
ii openssh-blacklist-extra 0.4.1+nmu1
ii ssh-askpass 1:1.2.4.1-9
-- no debconf information
-- debsums errors found:
debsums: changed file /usr/bin/ssh (from openssh-client package)
>From e10183e072dd2e815ffbc4d82e59a03cfa029099 Mon Sep 17 00:00:00 2001
Message-Id: <e10183e072dd2e815ffbc4d82e59a03cfa029099.1372597574.git.agx@sigxcpu.org>
From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
Date: Sun, 30 Jun 2013 15:04:11 +0200
Subject: [PATCH] Close stderr iff multiplex master
When we're becoming the multiplex master we should close all file
descriptors by default including stderr. Everything else might
yield surprises to the user like:
http://bugs.debian.org/708296
While this is arguably a bug in python's subprocess being "half"
a daemon and closing most file descriptors is bad either.
---
ssh.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ssh.c b/ssh.c
index 5ec89f2..4552151 100644
--- a/ssh.c
+++ b/ssh.c
@@ -990,7 +990,8 @@ control_persist_detach(void)
strerror(errno));
} else {
if (dup2(devnull, STDIN_FILENO) == -1 ||
- dup2(devnull, STDOUT_FILENO) == -1)
+ dup2(devnull, STDOUT_FILENO) == -1 ||
+ dup2(devnull, STDERR_FILENO) == -1)
error("%s: dup2: %s", __func__, strerror(errno));
if (devnull > STDERR_FILENO)
close(devnull);
--
1.8.3.1
Reply to: