ssh-agent subprocess parentage

Ángel González keisial at gmail.com
Tue May 10 03:29:10 EST 2011


Daniel Kahn Gillmor wrote:
> It looks like the agent lives on as the subprocess, and the subcommand
> is execed from the parent process.
>
> This has troublesome implications for the agent being able to detect
> when the command dies, since it can't rely on SIGCHLD handlers.  Indeed,
> check_parent_exists() relies on simply storing the process ID and
> checking to see whether such a process is signalable.  Given that
> process IDs tend to be relatively small numbers (15 bits on Linux), and
> are reused frequently, it's not hard to imagine this test giving a false
> positive.

Such premature reuse looks like an OS bug, although it could
theoretically happen.
Making the original ssh-agent a process group can probably avoid it, though:
>
>
>       4.12 Process ID Reuse
>
> A process group ID shall not be reused by the system until the process
> group lifetime ends.
>
> A process ID shall not be reused by the system until the process
> lifetime ends. In addition, if there exists a process group whose
> process group ID is equal to that process ID, the process ID shall not
> be reused by the system until the process group lifetime ends. A
> process that is not a system process shall not have a process ID of 1.
>

http://pubs.opengroup.org/onlinepubs/009604599/basedefs/xbd_chap04.html

Another option to ensure it is our real parent would be to use getpid()
and look if we have been reparented, although it would need to be careful
with getpid() wrappers.


> It's also troublesome for process supervision -- if i invoke ssh-agent
> and i want to ensure that i know when the agent dies (via SIGCHLD),
> invoking it with a subcommand will obscure the ssh-agent's dying sigchld
> from my supervising process.  That is, the subcommand can continue
> living (as the supervising process' immediate child) even if the agent
> segfaults or terminates due to ssh-agent -k or any other reason.
>
> Is there a reason for doing things in this order?  Is there interest in
> a patch to make the code behave as documented in the man page?

I guess it's so you can supervise the "right process", as the important one
would be the parameter, so you could transparently replace the called
command with "ssh-agent oldcommand".
It's also cleaner having the agent showing as child of bash. It's part
of your bash session (although 'adopted').
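
The two parent checks discussed in this message, side by side, as an added example (not OpenSSH code and not part of the original message): the stored-PID signalability test versus a reparenting test written here with getppid(). The names `pid_signalable`, `still_child_of` and `run_demo` and the unreaped-launcher scenario are constructed for illustration; the zombie launcher stands in for any case where the stored PID still names something that is no longer the parent.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stored-PID test as described in the thread: is that PID signalable? */
static int pid_signalable(pid_t pid) {
    return kill(pid, 0) == 0 || errno == EPERM;
}

/* Reparenting test: is our parent still the process we recorded? */
static int still_child_of(pid_t recorded) { return getppid() == recorded; }

/* Constructed scenario: a launcher forks a watcher and exits without being
 * reaped. Returns bit 0 = pid_signalable, bit 1 = still_child_of, -1 on error. */
int run_demo(void) {
    int fds[2];
    signal(SIGCHLD, SIG_DFL);               /* keep the dead launcher as a zombie */
    if (pipe(fds) != 0) return -1;
    pid_t launcher = fork();
    if (launcher < 0) return -1;
    if (launcher == 0) {
        pid_t recorded = getpid();          /* the PID the watcher remembers */
        pid_t watcher = fork();
        if (watcher != 0) _exit(watcher < 0); /* launcher dies at once */
        close(fds[0]);
        for (int i = 0; i < 500 && still_child_of(recorded); i++)
            poll(NULL, 0, 10);              /* wait up to 5 s for reparenting */
        unsigned char r = (unsigned char)(pid_signalable(recorded) | (still_child_of(recorded) << 1));
        _exit(write(fds[1], &r, 1) == 1 ? 0 : 1);
    }
    close(fds[1]);
    unsigned char r = 0;
    ssize_t n = read(fds[0], &r, 1);        /* launcher is still unreaped here */
    close(fds[0]);
    waitpid(launcher, NULL, 0);             /* only now can its PID be reused */
    return n == 1 ? r : -1;
}

int main(void) {
    int r = run_demo();
    printf("signalable=%d still_child=%d\n", r & 1, (r >> 1) & 1);
    return r < 0;
}
```

The watcher sees the stored PID as still signalable after its parent has exited, while the getppid() comparison has already changed because the orphan was handed to init or a subreaper.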


