NetBSD Problem Report #30915

From reed@rainier.reedmedia.net  Thu Aug  4 22:23:15 2005
Return-Path: <reed@rainier.reedmedia.net>
Received: from pilchuck.reedmedia.net (pilchuck.reedmedia.net [209.166.74.74])
	by narn.netbsd.org (Postfix) with ESMTP id 73CE363B117
	for <gnats-bugs@gnats.NetBSD.org>; Thu,  4 Aug 2005 22:23:15 +0000 (UTC)
Message-Id: <4790-1123194197@rainier.reedmedia.net>
Date: Thu, 04 Aug 2005 15:23:18 -0700
From: reed@reedmedia.net
Reply-To: reed@reedmedia.net
To: gnats-bugs@netbsd.org
Subject: sshd via inetd and changing logname
X-Send-Pr-Version: 3.95

>Number:         30915
>Category:       bin
>Synopsis:       sshd via inetd and changing logname
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Aug 04 22:24:00 +0000 2005
>Closed-Date:    Sat Dec 31 23:04:43 +0000 2022
>Last-Modified:  Sat Dec 31 23:04:43 +0000 2022
>Originator:     reed@reedmedia.net
>Release:        NetBSD 2.0.2
>Organization:
http://bsd.reedmedia.net/
>Environment:


System: NetBSD rainier.reedmedia.net 2.0.2 NetBSD 2.0.2 (GENERIC) #0: Wed Mar 23 08:53:42 UTC 2005 jmc@faith.netbsd.org:/home/builds/ab/netbsd-2-0-2-RELEASE/i386/200503220140Z-obj/home/builds/ab/netbsd-2-0-2-RELEASE/src/sys/arch/i386/compile/GENERIC i386
Architecture: i386
Machine: i386
>Description:
My sshd is started from inetd:
ssh             stream  tcp     nowait  root    /usr/sbin/sshd sshd -i

dmesg reports like:

  sshd (pid 9703) changing logname from reed to reedmedia

And then I log in to pstech and I get another entry:

  sshd (pid 755) changing logname from reedmedia to pstech

I login two more times to pstech, but no more logs.

Then I login into a different account and dmesg has another log:

  sshd (pid 25573) changing logname from pstech to bsdnews

USER PID PPID PGID   SESS JOBC STAT TT    TIME COMMAND
root 439    1  439 c22440    0 IWs  ?? 0:18.62 /usr/sbin/inetd -l

USER  PID PPID PGID   SESS JOBC STAT TT    TIME COMMAND
root 4402  439  439 c22440    0 IW   ?? 0:01.30 sshd: bsdnews [priv

USER      PID PPID PGID   SESS JOBC STAT TT    TIME COMMAND
bsdnews 25573 4402  439 c22440    0 IW   ?? 0:00.02 sshd: bsdnews@ttyp6

I see the code is from src/sys/kern/kern_prot.c (but maybe problem
is in sshd). I posted to netbsd-help: "How does the sshd process
know about the previous login name associated with different
process?"

christos asked me to file a PR: "It does not do the necessary work
to deal with process groups I think when started from inetd."

>How-To-Repeat:
Use inetd to serve sshd. Connect via ssh to different accounts.
>Fix:


>Release-Note:

>Audit-Trail:
From: David Laight <david@l8s.co.uk>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: bin/30915: sshd via inetd and changing logname
Date: Fri, 5 Aug 2005 19:26:05 +0100

 On Thu, Aug 04, 2005 at 10:24:01PM +0000, reed@reedmedia.net wrote:
 > >Synopsis:       sshd via inetd and changing logname

 > My sshd is started from inetd:
 > ssh             stream  tcp     nowait  root    /usr/sbin/sshd sshd -i
 > 
 > dmesg reports like:
 >   sshd (pid 9703) changing logname from reed to reedmedia

 The problem is almost certainly that sshd is calling setlogin() before
 calling setsid().  This causes the logname of the daemon process (and,
 IIRC, all its current children - including all other login sessions)
 to be changed, instead of just setting the logname for the new session.

 The kernel printf is there to identify the problem - the request can't
 be errored because it is a valid one (if unusual) and setlogin() is the
 sort of function that it really isn't worth testing the result of.

 	David

 -- 
 David Laight: david@l8s.co.uk

State-Changed-From-To: open->feedback
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sat, 31 Dec 2011 22:45:48 +0000
State-Changed-Why:
Is this still a problem?


State-Changed-From-To: feedback->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sat, 31 Dec 2022 23:04:43 +0000
State-Changed-Why:
11-year feedback timeout.

Assume sshd issues from 2005 are no longer relevant. If it's still broken,
please file a new PR.


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: gnats-precook-prs,v 1.4 2018/12/21 14:20:20 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.