sshd blocks SIGALRM

Carson Gaspar carson at taltos.org
Fri Dec 23 22:42:58 EST 2005


--On Friday, December 23, 2005 11:07 AM +0100 Loic Domaigne 
<loic-dev at gmx.net> wrote:

> We have just found an interesting issue regarding the sshd daemon on our
> SuSE system. For some reasons, the /usr/sbin/sshd process blocks SIGALRM
> as shown in the /proc/pid/status:
>
> $ cat /proc/`cat /var/run/sshd.init.pid`/status
> Name:   sshd
> State:  S (sleeping)
> SleepAVG:       0%
> [...]
> SigPnd: 0000000000000000
> ShdPnd: 0000000000000000
> SigBlk: 0000000000002000  <-- SIGALRM is blocked
> SigIgn: 0000000000001000
>
> As a result, any descendent processes shall inherit this mask. The bad
> news is that some commands rely on SIGALRM being unmasked, e.g. those
> invoking alarm() or similar. If those commands are started from a "ssh
> shell", then they won't work correctly (e.g. never times out). That's
> really annoying.

If an application requires SIGALRM, it should explicitly set the signal 
handler for it. If it doesn't, it's broken.

However, looking at the openssh 3.9p1 source code, it never blocks SIGALRM. 
It uses SIGALRM to regenerate keys. So what you say makes no sense...

-- 
Carson




More information about the openssh-unix-dev mailing list