[Bug 839] Privilege Separation + PAM locks users out
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Jul 21 09:20:57 EST 2004
http://bugzilla.mindrot.org/show_bug.cgi?id=839
peak at argo.troja.mff.cuni.cz changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
------- Additional Comments From peak at argo.troja.mff.cuni.cz 2004-07-21 09:20 -------
There is a bug in the patch: waitpid() with ENOHANG can return 0 if the child is
still alive. The corresponding piece of code in sshpam_sigchld_handler() should
look like this one:
+ int res;
...
+ res = waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, WNOHANG);
+ if (res == 0 || res == -1) {
+ /* PAM thread has not exitted, privsep slave must have */
+ kill(cleanup_ctxt->pam_thread, SIGTERM);
+ res = waitpid(cleanup_ctxt->pam_thread, &sshpam_thread_status, 0);
+ if (res == -1)
+ return; /* could not wait */
+ }
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list