[Bug 238] sshd.pid file written AFTER key generation causes race condition

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jan 7 23:31:17 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=238





------- Additional Comments From libove at felines.org  2003-01-07 23:31 -------
There always exists the possibility that something will cause a daemon to fail 
to complete its startup, or to fail after it has started successfully.
This seems to boil down to the question: is it more important to ensure that 
every service starts successfully, or is it more important to get the system up 
and running so that other services can be offered?
I am uncertain how I feel about this question regarding SSH. SSH is a critical 
system service from an administrative point of view, and for systems which have 
interactive users other than administrators. For systems which provide 
application services but do not have users logging in directly, SSH is not 
critical.
Generally, I think I have seen a preference to daemons starting up as 
asynchronously as possible during system boot.
Also, if key generation fails due to lack of entropy, it indicates either a 
misconfiguration or a rare problem on that particular server. The current state 
(write .pid file after key generation) creates a problem for many more systems.
So, I still prefer to have the .pid file written before key generation rather 
than after.
Thanks for considering the request. Which way will you go with it?




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-unix-dev mailing list