ssh-agent subprocess parentage
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue May 10 02:06:27 EST 2011
I regularly use ssh-agent with a subcommand; my X11 session is spawned
through ssh-agent, and sometimes i'll run a special agent for a certain
subset of commands, like this:
ssh-agent bash
... and then do work within that shell. From the man page:
> If a commandline is given, this is executed as a subprocess of the agent.
> When the command dies, so does the agent.
But looking at the process table (and at ssh-agent.c) this isn't what
actually happens.
It looks like the agent lives on as the subprocess, and the subcommand
is execed from the parent process.
This has troublesome implications for the agent being able to detect
when the command dies, since it can't rely on SIGCHLD handlers. Indeed,
check_parent_exists() relies on simply storing the process ID and
checking to see whether such a process is signalable. Given that
process IDs tend to be relatively small numbers (15 bits on Linux), and
are reused frequently, it's not hard to imagine this test giving a false
positive.
It's also troublesome for process supervision -- if i invoke ssh-agent
and i want to ensure that i know when the agent dies (via SIGCHLD),
invoking it with a subcommand will obscure the ssh-agent's dying sigchld
from my supervising process. That is, the subcommand can continue
living (as the supervising process' immediate child) even if the agent
segfaults or terminates due to ssh-agent -k or any other reason.
Is there a reason for doing things in this order? Is there interest in
a patch to make the code behave as documented in the man page?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20110509/5cd975bd/attachment.bin>
More information about the openssh-unix-dev
mailing list