openssh bugs - Jun 2003 - [Bug 606] sshd [-t] should warn when cannot create pid file

http://bugzilla.mindrot.org/show_bug.cgi?id=606

           Summary: sshd [-t] should warn when cannot create pid file
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: openssh at roumenpetrov.info


1.) sshd should warn user when cannot create pid file.
2.) sshd -t should warn user when dont have write permition to pid_file_dir. One
possible reason is missing directory.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606





------- Additional Comments From djm at mindrot.org  2003-06-26 21:52
-------
> 1.) sshd should warn user when cannot create pid file.
This is difficult - see the comment in sshd.c where we write the pidfile
> 2.) sshd -t should warn user when dont have write permition to 
> pid_file_dir. One possible reason is missing directory.
IMO that is just bloat. 



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606





------- Additional Comments From dtucker at zip.com.au  2003-06-26 21:55 -------
Created an attachment (id=338)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=338&action=view)
Check directory and file perms for PidFile

Also reports error if there's an error writing the PidFile (this could still
happen, either due to a race or things like ENOSPC).  This part based on Roumen
Petrov's patch.

Patch against OpenBSD -current.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606





------- Additional Comments From djm at mindrot.org  2003-06-26 22:14 -------
OK - (1) isn't difficult unless one wants the error written to stderr (the
pidfile writing happens after the fork). 

I'd say that the patch confirms that (2) is bloat



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606





------- Additional Comments From mouring at eviladmin.org  2003-06-27 01:01
-------
Don't know.. Other projects tend to provide notifications on testing 
configurations (apache does), but Darren's patch is wrong.

+	/* Determine directory path to PidFile */
+	if (strrchr(options.pid_file, '/') != NULL) {
+		path = xstrdup(options.pid_file);
+		*(strrchr(path, '/')+1) = '\0';
+	} else
+		path = xstrdup(".");


Fails when the admin is insane and does:  "/my/loc/my\/myfile.pid"

Since it will not decide if the / has been escaped or not.


I don't have a strong feeling either way (For the record, I don't use
the pid file for tracking the sshd).



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606

openssh at roumenpetrov.info changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  BugsThisDependsOn|                            |605



------- Additional Comments From openssh at roumenpetrov.info  2003-06-27 21:37
-------
Might is better configure to warn for missing piddir and 
sshd only when cannot create pidfile.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606

dtucker at zip.com.au changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #338 is|0                           |1
           obsolete|                            |



------- Additional Comments From dtucker at zip.com.au  2003-06-28 00:11 -------
Created an attachment (id=339)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=339&action=view)
Use realpath to test existence of PidFile directory

One person's "bloat" is another's "valuable
diagnostic" :-)

If you cut down the things that are checked for and can live with less
descriptive errors you can just use realpath().  It still performs a useful
subset of tests (and handles Ben's evilness too) with less code.

# sshd/sshd -t -o 'PidFile /no/such'
Invalid PidFile specification: /no/such (No such file or directory)
# sshd/sshd -t -o 'PidFile /etc/passwd/pidfile'
Invalid PidFile specification: /etc/passwd/pidfile (Not a directory)
# sshd/sshd -t -o 'PidFile /tmp\/myfile.pid'
Invalid PidFile specification: /tmp\\/myfile.pid (No such file or directory)



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=606

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED



------- Additional Comments From djm at mindrot.org  2003-06-28 17:50 -------
I have committed a similar patch which reports the error() on failure to create
the pidfile, but not the "sshd -t" tests. There are just too many ways
for an
admin to break a system to test for them all. Besides, pidfile creation failure
is non-fatal.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.