OpenSSH - forced command - no-pty issue

Kumaresh kumaresh_ind at gmx.net
Tue Jan 20 05:29:45 EST 2004 

Hello Darren,

The major problem we are running into is that the shell (both sh and ksh)
does not kill its child processes when there is no pty. The SSH patch
mentioned previously at
http://bugzilla.mindrot.org/show_bug.cgi?id=396

is not sufficient to kill the forced command completely.It will only kill
the shell script, but not any child processes the shell script runs. The
shell assumes the child is in the background (because there is no pty) and
therefore does not kill the child.

Consider a shell script /tmp/test.sh that in turn calls "sleep 1000". If we
run a forced command
command="/tmp/test.sh",no-pty,no-port-forwarding ssh-rsa
it gives the following processes:

   root 12724     1  0 04:46:13 ?   0:00 /opt/ssh/sbin/sshd
   root 13309 12724 10 05:24:20 ?   0:00 sshd: root at notty
   root 13313 13309  4 05:24:21 ?   0:00 /tmp/test.sh
   root 13314 13313  2 05:24:21 ?   0:00 sleep 1000

When we disconnect the client, the sshd process is killed and the shell
script keeps running:

   root 12724     1  0 04:46:13 ?   0:00 /opt/ssh/sbin/sshd
   root 13313     1  0 05:24:21 ?   0:00 /tmp/test.sh
   root 13314 13313  0 05:24:21 ?   0:00 sleep 1000

When we apply the patch to sshd, the sshd process sends a SIGHUP (hangup)
signal to /tmp/test.sh before exiting. The shell script (/tmp/test.sh) is
killed, but the shell
script does NOT kill its child sleep process. Here is the process list after
the client disconnects:

   root 12724     1  0 04:46:13 ?   0:00 /opt/ssh/sbin/sshd
   root 13314     1  0 05:24:21 ?   0:00 sleep 1000

You can test this by manually running the command:
  # PID=`ps -ef | grep /tmp/test.sh | awk '{print $2}'`
  # kill -HUP $PID

The shell script will be killed but the child process (sleep 1000) will keep
running.

Please let us know your comments on this.

Thanks in Advance,
Kumaresh.


----- Original Message -----
From: "Darren Tucker" <dtucker at zip.com.au>
To: "Kumaresh" <kumaresh_ind at gmx.net>
Cc: "OpenSSH Devel List" <openssh-unix-dev at mindrot.org>
Sent: Thursday, January 01, 2004 4:49 AM
Subject: Re: OpenSSH - forced command - no-pty issue


> You do not need to send bug reports directly to me, I read the list.
>
> Kumaresh wrote:
> > We have an issue where forced commands are left hanging on the sshd
server
> > running whenever the ssh client disconnects.
> [snip]
> > Is there a way, which we can notify and kill  the commands or child
> > processes when the sshd is terminated.?
>
> This sounds like bug #396.  For details and patch see:
> http://bugzilla.mindrot.org/show_bug.cgi?id=396
>
> --
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>      Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.561 / Virus Database: 353 - Release Date: 1/13/2004

More information about the openssh-unix-dev mailing list