[Bug 2646] zombie processes when using privilege separation

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu Dec 15 09:58:45 AEDT 2016 

https://bugzilla.mindrot.org/show_bug.cgi?id=2646

--- Comment #4 from Akshay <akshay.moghe at gmail.com> ---
Okay, I was able to reproduce the issue using `OpenSSH_7.2p2, OpenSSL
1.0.2g  1 Mar 2016`

First, I have a simple 'init' program that runs in a container. All it
does is it launches sshd, and waits for the TERM signal. On receipt of
TERM, it TERMs sshd, and exits.

So, initially, here is what I see:

root at 4871a0e3589e:/# ps auxf
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME
COMMAND
root         9  0.0  0.0  18248  3384 ?        Ss   22:47   0:00 bash
root        19  0.0  0.0  34424  2820 ?        R+   22:48   0:00  \_ ps
auxf
root         1  0.4  0.0  40364  8220 ?        Ssl+ 22:47   0:00
/usr/bin/ruby -- /init.rb
root         8  0.0  0.0  26468  3844 ?        S+   22:47   0:00
/usr/sbin/sshd -D

The bash process (that spawns ps) is 'exec'd in the container using
docker exec so that I can view the process listing "out-of-band" (i.e
without exercising sshd)

Next, I log in, and list the processes (in-band, this time). This is
what i see:

nsadmin at 4871a0e3589e:~$ ps auxf
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME
COMMAND
root         1  0.0  0.0  40364  8220 ?        Ssl+ 22:47   0:00
/usr/bin/ruby -- /init.rb
root         8  0.0  0.0  26468  3844 ?        S+   22:47   0:00
/usr/sbin/sshd -D
root        20  0.0  0.0  29028  4532 ?        Ss   22:48   0:00  \_
sshd: nsadmin [priv]
nsadmin     22  0.0  0.0  29028  2624 ?        S    22:48   0:00     
\_ sshd: nsadmin at pts/0
nsadmin     23  0.0  0.0  18256  3216 pts/0    Ss   22:48   0:00       
  \_ -bash
nsadmin     28  0.0  0.0  34424  2932 pts/0    R+   22:48   0:00       
      \_ ps auxf


Then, I log out of the ssh session, and get the process listing using
an exec'd shell:

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME
COMMAND
root        29  0.0  0.0  18248  3264 ?        Ss   22:48   0:00
/bin/bash
root        40  0.0  0.0  34424  2876 ?        R+   22:48   0:00  \_ ps
auxf
root         1  0.0  0.0  40364  8220 ?        Ssl+ 22:47   0:00
/usr/bin/ruby -- /init.rb
root         8  0.0  0.0  26468  3844 ?        S+   22:47   0:00
/usr/sbin/sshd -D
nsadmin     22  0.0  0.0      0     0 ?        Z    22:48   0:00 [sshd]
<defunct>

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list