[Bug 3729] the new sshd does not work under the supervision of inetd

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Sep 10 19:38:30 AEST 2024 

https://bugzilla.mindrot.org/show_bug.cgi?id=3729

--- Comment #2 from khalid outaali <khalid.outaali at nav-timing.safrangroup.com> ---
Thanks for your feedback, Darren. Here are the details you requested:

**Host System Details:**

- **Distro:** None, custom build with buildroot
- **Kernel Version:** Linux 6.1.32 #1 SMP PREEMPT
- **glibc Version:** GNU C Library (Buildroot) stable release version
2.38, Compiled by GNU CC version 12.3.0.
- **Hardware Architecture:** armv7l (Altera Cyclone V)

**Server Logs:**

I’ve attached the logs from the xined and sshd during a failed
connection. You can find the relevant logs below:

```
spfactory at securesync-0e0000:~$ sudo /usr/sbin/xinetd -dontfork -d &
[1] 3195
spfactory at securesync-0e0000:~$ 24/9/10 at 07:54:57: DEBUG: 3198
{handle_includedir} Reading included configuration file:
/etc/xinetd.d/daytime [file=/etc/xinetd.conf] [line=15]
24/9/10 at 07:54:57: DEBUG: 3198 {handle_includedir} Reading included
configuration file: /etc/xinetd.d/ssh [file=/etc/xinetd.d/ssh]
[line=27]
24/9/10 at 07:54:57: DEBUG: 3198 {handle_includedir} Reading included
configuration file: /etc/xinetd.d/telnet [file=/etc/xinetd.d/telnet]
[line=20]
24/9/10 at 07:54:57: DEBUG: 3198 {handle_includedir} Reading included
configuration file: /etc/xinetd.d/time [file=/etc/xinetd.d/time]
[line=17]
24/9/10 at 07:54:57: DEBUG: 3198 {remove_disabled_services} removing
daytime
24/9/10 at 07:54:57: DEBUG: 3198 {remove_disabled_services} removing
daytime
24/9/10 at 07:54:57: DEBUG: 3198 {remove_disabled_services} removing
telnet
24/9/10 at 07:54:57: DEBUG: 3198 {remove_disabled_services} removing time
24/9/10 at 07:54:57: DEBUG: 3198 {remove_disabled_services} removing time
Service defaults
        Instances = 60
        CPS = max conn:25 wait:30
        Bind = All addresses.
        Only from:  0.0.0.0(NUMERIC) ::/::(NET)
        No access: No blocked sites
        Logging to syslog. Facility = authpriv, level = info
        Log_on_success flags = HOST PID
        Log_on_failure flags = HOST

Service configuration: ssh
        id = ssh
        flags = REUSE IPv6
        socket_type = stream
        Protocol (name,number) = (tcp,6)
        port = 22
        Instances = 9
        wait = no
        user = 0
        Groups = yes
        PER_SOURCE = -1
        Bind = All addresses.
        Server = /usr/sbin/sshd
        Server argv = sshd -i -e -ddd
        Only from:  0.0.0.0(NUMERIC) ::/::(NET)
        No access: No blocked sites
        Logging to file: /tmp/sshd.log (no limits)
        Log_on_success flags = HOST DURATION EXIT PID
        Log_on_failure flags = HOST USERID

24/9/10 at 07:54:57: DEBUG: 3198 {cnf_start_services} Started service: ssh
24/9/10 at 07:54:57: DEBUG: 3198 {cnf_start_services} mask_max = 6,
services_started = 1
24/9/10 at 07:54:57: NOTICE: 3198 {main} xinetd Version 2.3.15 started
with no options compiled in.
24/9/10 at 07:54:57: NOTICE: 3198 {main} Started working: 1 available
service
24/9/10 at 07:54:57: DEBUG: 3198 {main_loop} active_services = 1

spfactory at securesync-0e0000:~$ ssh spfactory at localhost
24/9/10 at 07:55:16: DEBUG: 3198 {main_loop} select returned 1
24/9/10 at 07:55:16: DEBUG: 3198 {server_start} Starting service ssh
24/9/10 at 07:55:16: DEBUG: 3198 {main_loop} active_services = 1
24/9/10 at 07:55:16: DEBUG: 3299 {exec_server} duping 8
kex_exchange_identification: read: Connection reset by peer
Connection reset by 127.0.0.1 port 22
24/9/10 at 07:55:16: DEBUG: 3198 {main_loop} active_services = 1
24/9/10 at 07:55:16: DEBUG: 3198 {main_loop} select returned 1
24/9/10 at 07:55:16: DEBUG: 3198 {check_pipe} Got signal 17 (Child exited)
24/9/10 at 07:55:16: DEBUG: 3198 {child_exit} waitpid returned = 3299
24/9/10 at 07:55:16: DEBUG: 3198 {server_end} ssh server 3299 exited
24/9/10 at 07:55:16: INFO: 3198 {conn_free} freeing connection
24/9/10 at 07:55:16: DEBUG: 3198 {child_exit} waitpid returned = -1
24/9/10 at 07:55:16: DEBUG: 3198 {main_loop} active_services = 1
spfactory at securesync-0e0000:~$ cat /tmp/sshd.log 
24/9/10 at 07:51:21: START: ssh pid=1993 from=::ffff:127.0.0.1
24/9/10 at 07:51:21: EXIT: ssh status=1 pid=1993 duration=0(sec)
24/9/10 at 07:55:16: START: ssh pid=3299 from=::ffff:127.0.0.1
24/9/10 at 07:55:16: EXIT: ssh status=255 pid=3299 duration=0(sec)
```

---

I'll also try rebuilding `sshd` with sandbox debugging enabled to
gather more information. Once built with:

```
./configure --with-cflags=-DSANDBOX_SECCOMP_FILTER_DEBUG
```

with this nothing has changed.

I doubted the issue has something to do with the absolute paths, or the
re-exec from sshd-session. So I was testing and I found out that this
small change somehow fixes the issue (as a workaround):

```
khalid at work:~/openssh-portable$ gdiff
diff --git a/misc.c b/misc.c
index afdf5142e..a29981586 100644
--- a/misc.c
+++ b/misc.c
@@ -2558,7 +2558,7 @@ parse_pattern_interval(const char *s, char
**typep, int *secsp)
 int
 path_absolute(const char *path)
 {
-       return (*path == '/') ? 1 : 0;
+       return 1;
 }

 void
```

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list