[Bug 2158] New: Race condition in receiving SIGTERM

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Oct 9 05:39:53 EST 2013


https://bugzilla.mindrot.org/show_bug.cgi?id=2158

            Bug ID: 2158
           Summary: Race condition in receiving SIGTERM
           Product: Portable OpenSSH
           Version: 6.2p1
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: sshd
          Assignee: unassigned-bugs at mindrot.org
          Reporter: ben.maurer at gmail.com

To handle sigterm, openssh uses this handler:

static void
sigterm_handler(int sig)
{
    received_sigterm = sig;
}

in the select loop, it checks this flag

ret = select(maxfd+1, fdset, NULL, NULL, NULL);
...
if (received_sigterm) {


select() will return -1 with an EINTR when it gets a signal. Therefore,
in most cases this successfully shuts down the process. However, if SSH
were executing something other than this select call (eg, accepting a
new connection) it would never notice the sigterm until a new event
came in.

This created a race condition in a large, real world deployment. The
default init script in the openssh package sends a SIGTERM in order to
kill the process. On a small fraction of servers, the race condition
mentioned here occurred. The new openssh process was launched while the
old one still ran. When the new process attempted to bind() to a port,
it failed.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list