SMF/process contracts in Solaris 10

Chad Mynhier cmynhier at gmail.com
Mon Jul 17 23:36:28 EST 2006


I've searched the archive for this mailing list and the bug list for
OpenSSH for this, and I'm finding nothing.  I'd appreciate it if
someone could point me to an existing thread about this.  (I know that
other people are aware of the problem, though, so I'm a bit surprised
to find nothing.)

We're running OpenSSH under Solaris 10 using SMF instead of a legacy
init script.  SMF isn't doing the right thing WRT sshd.  For example,
SMF should be able to restart sshd if it's killed, but it's not
currently doing so and reports the service as being online.

I tracked down the problem to the fact that OpenSSH does not put child
processes into separate process contracts.  There are two side-effects
to this omission.  The first is the problem I describe above.  Because
sshd does not put child processes into separate process contracts,
every process in the tree rooted at the parent sshd is in the same
process contract (assuming no other process is creating new process
contracts.)  When the parent sshd process is killed, there are other
live processes in that contract, thus SMF thinks the service is still
online.

There's a flipside to this problem, in that a 'svcadm disable' of
OpenSSH will cause every process in that tree to be terminated.  This
would include daemons that have been started manually from someone's
ssh session.

I've fixed this problem locally by patching sshd.c with the
contract-specific code from Sun's sshd.c.  I would submit a patch
based on that, but I'm not fully aware of the OpenSSH policy on Sun's
ssh code.

Chad Mynhier
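
The two side effects described in the message above, as an added example that is not part of the original post and is not Solaris or OpenSSH code: a simplified Python model of contract membership, in which a forked child inherits its parent's contract unless a new one is requested. The names `ContractModel` and `scenario` are hypothetical, and the rule that SMF reports the service online while its contract has live members is taken from the post's description.

```python
# Simplified model of process-contract membership as described in the post.
# Assumption: SMF sees a service as online while its contract has live members.

class ContractModel:
    def __init__(self):
        self.next_pid = 100
        self.next_ct = 1
        self.contract_of = {}  # live pid -> contract id

    def _spawn(self, ct):
        pid = self.next_pid
        self.next_pid += 1
        self.contract_of[pid] = ct
        return pid

    def _new_contract(self):
        ct = self.next_ct
        self.next_ct += 1
        return ct

    def start_service(self):
        """SMF starts the daemon in a fresh contract; returns (pid, contract)."""
        ct = self._new_contract()
        return self._spawn(ct), ct

    def fork(self, parent, new_contract=False):
        """A child inherits the parent's contract unless a new one is requested."""
        ct = self._new_contract() if new_contract else self.contract_of[parent]
        return self._spawn(ct)

    def kill(self, pid):
        self.contract_of.pop(pid, None)

    def members(self, ct):
        return {p for p, c in self.contract_of.items() if c == ct}

    def smf_state(self, ct):
        return "online" if self.members(ct) else "restart needed"

    def svcadm_disable(self, ct):
        """Disabling the service terminates every member of its contract."""
        killed = self.members(ct)
        for pid in killed:
            self.kill(pid)
        return killed

def scenario(separate_contracts):
    """Kill the parent sshd, then disable the service; report what SMF sees."""
    m = ContractModel()
    sshd, svc_ct = m.start_service()
    session = m.fork(sshd, new_contract=separate_contracts)
    user_daemon = m.fork(session)  # daemon started by hand from the ssh session
    m.kill(sshd)
    state_after_kill = m.smf_state(svc_ct)
    return state_after_kill, user_daemon in m.svcadm_disable(svc_ct)
```
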
