NetBSD Problem Report #55278
From hauke@Espresso.Rhein-Neckar.DE Tue May 19 07:23:55 2020
Return-Path: <hauke@Espresso.Rhein-Neckar.DE>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 7CBCB1A9217
for <gnats-bugs@gnats.NetBSD.org>; Tue, 19 May 2020 07:23:55 +0000 (UTC)
Message-Id: <202005190722.04J7McQf007885@pizza.causeuse.org>
Date: Tue, 19 May 2020 09:22:38 +0200 (CEST)
From: Hauke Fath <hf@spg.tu-darmstadt.de>
Reply-To: Hauke Fath <hf@spg.tu-darmstadt.de>
To: gnats-bugs@NetBSD.org
Cc: Hauke Fath <hf@spg.tu-darmstadt.de>
Subject: inetd dies while starting Samba smbd
X-Send-Pr-Version: 3.95
>Number: 55278
>Category: bin
>Synopsis: inetd dies while starting Samba smbd
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue May 19 07:25:00 +0000 2020
>Last-Modified: Mon Nov 06 23:15:01 +0000 2023
>Originator: Hauke Fath
>Release: NetBSD 9.0_STABLE
>Organization:
Falling Raindrops
>Environment:
System: NetBSD pizza.causeuse.org 9.0_STABLE NetBSD 9.0_STABLE (BLACKBOX-$Revision: 1.85 $) #0: Sat May 16 15:16:03 CEST 2020 hauke@pizza.causeuse.org:/var/obj/netbsd-builds/9/amd64/sys/arch/amd64/compile/BLACKBOX amd64
Architecture: x86_64
Machine: amd64
>Description:
On a machine that does not see windows clients often, I have
configured the Samba nmbd and smbd daemons to be started from
inetd:
netbios-ssn stream tcp nowait root /usr/pkg/sbin/smbd smbd
microsoft-ds stream tcp nowait root /usr/pkg/sbin/smbd smbd
netbios-ns dgram udp wait root /usr/pkg/sbin/nmbd nmbd
This works fine with a non-detaching inetd ('inetd -d -l'):
# ./inetd -l -d
[...]
ADD : netbios-ssn proto=tcp, wait.max=0.40, user:group=root:(null) builtin=0 server=/usr/pkg/sbin/smbd policy=
registered /usr/pkg/sbin/smbd on 20
ADD : microsoft-ds proto=tcp, wait.max=0.40, user:group=root:(null) builtin=0 server=/usr/pkg/sbin/smbd policy=
registered /usr/pkg/sbin/smbd on 21
ADD : netbios-ns proto=udp, wait.max=1.40, user:group=root:(null) builtin=0 server=/usr/pkg/sbin/nmbd policy=
registered /usr/pkg/sbin/nmbd on 22
someone wants microsoft-ds
accept, ctrl 5
someone wants microsoft-ds
accept, ctrl 5
8493 execl /usr/pkg/sbin/smbd
2551 execl /usr/pkg/sbin/smbd
8493 reaped, status 0xf
2551 reaped, status 0xf
But a daemonized inetd terminates while starting smbd:
[inetd built with -O -g3]
(gdb) attach 1525
Attaching to process 1525
Reading symbols from /u1/netbsd-9/src/usr.sbin/inetd/./inetd...
Reading symbols from /usr/lib/libwrap.so.1...
(No debugging symbols found in /usr/lib/libwrap.so.1)
Reading symbols from /usr/lib/libutil.so.7...
(No debugging symbols found in /usr/lib/libutil.so.7)
Reading symbols from /usr/lib/libipsec.so.3...
(No debugging symbols found in /usr/lib/libipsec.so.3)
Reading symbols from /usr/lib/libc.so.12...
(No debugging symbols found in /usr/lib/libc.so.12)
Reading symbols from /usr/libexec/ld.elf_so...
(No debugging symbols found in /usr/libexec/ld.elf_so)
[Switching to LWP 1 of process 1525]
0x000074691e042b3a in _sys___kevent50 () from /usr/lib/libc.so.12
(gdb) continue
Continuing.
[New process 1525]
[Detaching after fork from child process 2295]
[Detaching after fork from child process 8237]
Thread 2 "" received signal SIGTERM, Terminated.
[Switching to process 1525]
0x000074691e0427fa in _sys___sigprocmask14 () from /usr/lib/libc.so.12
(gdb) bt
#0 0x000074691e0427fa in _sys___sigprocmask14 () from /usr/lib/libc.so.12
#1 0x000074691e11d13f in clnt_vc_create () from /usr/lib/libc.so.12
#2 0x000074691e113ef2 in ?? () from /usr/lib/libc.so.12
#3 0x000074691e1142cb in rpcb_unset () from /usr/lib/libc.so.12
#4 0x0000000099603ad4 in unregister_rpc (sep=0x74691f1f5d00) at inetd.c:1211
#5 0x0000000099605d2c in goaway () at inetd.c:1028
#6 main (argc=<optimized out>, argv=<optimized out>) at inetd.c:515
(gdb)
% head -1 inetd.c
/* $NetBSD: inetd.c,v 1.125 2017/11/28 11:51:11 martin Exp $ */
%
>How-To-Repeat:
Run Samba 4 smbd from inetd: Connecting clients will error
out, and the server's inetd will vanish in thin air. No
related log entries anywhere.
>Fix:
No idea...
>Audit-Trail:
From: Hauke Fath <hf@spg.tu-darmstadt.de>
To: gnats-bugs@NetBSD.org
Cc: gnats-admin@NetBSD.org, hauke@Espresso.Rhein-Neckar.DE
Subject: Re: bin/55278: inetd dies while starting Samba smbd
Date: Mon, 12 Apr 2021 12:16:37 +0200
-current is shorter, but equally final. From inetd(8) built with=20
CFLAGS=3D"-O0 -g3":
% ident /usr/sbin/inetd
/usr/sbin/inetd:
$NetBSD: crt0.S,v 1.4 2018/11/26 17:37:46 joerg Exp $
$NetBSD: crt0-common.c,v 1.23 2018/12/28 20:12:35 christos Exp $
$NetBSD: crti.S,v 1.1 2010/08/07 18:01:35 joerg Exp $
$NetBSD: crtbegin.S,v 1.2 2010/11/30 18:37:59 joerg Exp $
$NetBSD: inetd.c,v 1.126 2019/12/27 09:22:20 msaitoh Exp $
$NetBSD: crtend.S,v 1.1 2010/08/07 18:01:34 joerg Exp $
$NetBSD: crtn.S,v 1.1 2010/08/07 18:01:35 joerg Exp $
%=20
(gdb) attach 25550
Attaching to process 25550
Reading symbols from /usr/sbin/inetd...
Reading symbols from /usr/lib/libwrap.so.1...
(No debugging symbols found in /usr/lib/libwrap.so.1)
Reading symbols from /usr/lib/libblocklist.so.0...
(No debugging symbols found in /usr/lib/libblocklist.so.0)
Reading symbols from /usr/lib/libutil.so.7...
(No debugging symbols found in /usr/lib/libutil.so.7)
Reading symbols from /usr/lib/libipsec.so.3...
(No debugging symbols found in /usr/lib/libipsec.so.3)
Reading symbols from /usr/lib/libc.so.12...
(No debugging symbols found in /usr/lib/libc.so.12)
Reading symbols from /usr/libexec/ld.elf_so...
(No debugging symbols found in /usr/libexec/ld.elf_so)
[Switching to LWP 25550 of process 25550]
0x0000760f81244bba in _sys___kevent50 () from /usr/lib/libc.so.12
(gdb) cont
Continuing.
[New process 25550]
Thread 2 received signal SIGTERM, Terminated.
[Switching to process 25550]
0x0000760f81244bba in _sys___kevent50 () from /usr/lib/libc.so.12
(gdb) bt
#0 0x0000760f81244bba in _sys___kevent50 () from /usr/lib/libc.so.12
#1 0x000000018e8076c8 in my_kevent (changelist=3D0x18ea09dc0=20
<changebuf>, nchanges=3D0, eventlist=3D0x7f7fff9b50c0, nevents=3D64)
at /misc/netbsd-developer/usr.sbin/inetd/inetd.c:2260
#2 0x000000018e802d57 in main (argc=3D0, argv=3D0x7f7fff9b5b58) at=20
/misc/netbsd-developer/usr.sbin/inetd/inetd.c:501
(gdb)
--=20
The ASCII Ribbon Campaign Hauke Fath
() No HTML/RTF in email Institut f=FCr Nachrichtentechnik
/\ No Word docs in email TU Darmstadt
Respect for open standards Ruf +49-6151-16-21344
From: RVP <rvp@SDF.ORG>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: bin/55278: inetd dies while starting Samba smbd
Date: Mon, 6 Nov 2023 23:11:26 +0000 (UTC)
On Mon, 12 Apr 2021, Hauke Fath wrote:
> 0x0000760f81244bba in _sys___kevent50 () from /usr/lib/libc.so.12
> (gdb) cont
> Continuing.
> [New process 25550]
>
> Thread 2 received signal SIGTERM, Terminated.
>
smbd registers a cleanup function via atexit() in main() called killkids()
which does[1]:
```
133 if(am_parent) kill(0,SIGTERM);
```
[1]: https://gitlab.com/samba-team/samba/-/blob/master/source3/smbd/server.c?ref_type=heads
When running in the foreground (-d) inetd does setsid(), but, it _doesn't_
do this when running in the background, And, since smbd is run as root, inetd
gets the SIGTERM sent to the process-group by samba to kill its children.
A simple reproducer is this "server":
```
#include <signal.h>
#include <stdlib.h>
#include <unistd.h>
int
main(void)
{
sleep(5);
kill(0, SIGTERM);
exit(EXIT_FAILURE);
}
```
which you can (temporarily) run in /etc/inetd.conf instead of smbd:
```
netbios-ssn stream tcp nowait root /tmp/foo foo
```
It should kill inetd just as effectively.
This should fix the issue:
```
diff -urN a/src/usr.sbin/inetd/inetd.c b/src/usr.sbin/inetd/inetd.c
--- a/src/usr.sbin/inetd/inetd.c 2022-08-10 08:37:53.000000000 +0000
+++ b/src/usr.sbin/inetd/inetd.c 2023-11-06 22:43:54.650415000 +0000
@@ -499,9 +499,9 @@
for (n = 0; n < __arraycount(my_signals); n++)
(void) signal(my_signals[n], SIG_DFL);
- /* Don't put services in terminal session */
- if (foreground)
- setsid();
+ /* Always create new process-group: PR #55278 */
+ if (setsid() == -1)
+ syslog(LOG_ERR, "setsid: %m");
}
}
if (pid == 0) {
```
Should eventually be pulled-up to -8, -9, -10.
-RVP
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2023
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.