Fwd: Re: (fyi) pr 1254 (ssh not properly closing)
FYI, in follow up to my previous email:
-----Forwarded Message-----
> Apparently this is "known" behaviour: the openssh faq lists it as such
> at http://www.openssh.org/faq.html#3.10.
>
> Damian, I recommend using the workaround mentioned in the faq.
>
> On Thu, Jul 25, 2002 at 03:13:42PM +1000, Garth Mollett wrote:
> > fyi:
> >
> > After causing several bruises to my head (and gaining a much better
> > understanding of the ssh/sshd internals), I've finnally figured whats going
> > on, the "bug" isn't really in ssh/sshd as such but more in the way linux and
> > solaris (bash?, although it happens with tcsh and pdksh, need to test futher,
> > but I couldn't reproduce it on openbsd box (that only had bourne,korn and csh))
> > handle things:
> >
> > when the shell forks() a background proccess, it inherits the file
> > descriptors from it's parrent attached to (the tty/pty) stdin/out/err
> > and they are never closed, so if the parent (the shell) exits, the backgrounded
> > child still has the tty/pty open, so the sshd proccess won't get an eof from
> > the fd and select() won't get woken up as the other end of the pipe is still
> > open (in the child).
> >
> > Demo:
> >
> > $ ssh nestor
> > [nestor:~]$ sleep 7249823 &
> > [1] 9838
> > [nestor:~]$ exit
> > logout
> >
> > <connection "hangs" untill sleep exits>
> >
> > --
> >
> > $ ssh nestor
> > [nestor:~]$ cat test2.c
> > #include <sys/types.h>
> > #include <unistd.h>
> >
> > void
> > main()
> > {
> > close(0);
> > close(1);
> > close(2);
> > close(3);
> >
> > for (;;)
> > sleep(22344);
> > }
> >
> > [nestor:~]$ ./test2 &
> > [1] 9852
> > [nestor:~]$ exit
> > logout
> > Connection to nestor closed.
> >
> > <connection closes straight away>
> >
> > Not sure if this is really a bug or a feature (as you can just explicitly
> > kill the connection with the client), I'll reaserch it a little futher
> > before I propose any possable solutions, at first I though if the child
> > exits the connection should be dropped, but ssh isn't just used for running
> > interactive shells and this could lead to unexpected results.
> >
> > I also though that this might be a way to snoop on other users, ie.
> > you login start a background proccess and kill the connection, and the
> > background process can still still read/write to the tty, however linux
> > at least won't give the tty to another user untill nothing has any connections
> > to it anymore.
Reply to: