getpgrp

[Damien Miller]

On Fri, 15 Feb 2013, Darren Tucker wrote:

> These days, sshd.c has:
> 
> static void
> grace_alarm_handler(int sig)
> {
> ...
>         if (getpgid(0) == getpid()) {
>                 signal(SIGTERM, SIG_IGN);
>                 killpg(0, SIGTERM);
>         }
> 
>         sigdie(...);
> }
> 
> however (really) old BSDs do not have getpgid().  They do have
> getpgrp(), which does what we want here. The question is what to do if
> we have neither: return the pid (and thus terminate nothing) or return
> -1 and kill everything wihout getting to the sigdie().  I vote for the
> latter (since they're unlikely to be able to log anything in a
> signal-safe manner anyway).

Is killpg(-1, ...) defined to do anything? According to SUSv3, pgrp<=1
is undefined. Do you mean pgrp=0?

The condition I worry about is terminating the listening sshd by accident.
Maybe it would be best to disable AuthorizedKeysCommand on these hosts,
since it was the motivation for the killpg IIRC.

-d