bugzilla-daemon at mindrot.org
2005-Feb-01 10:16 UTC
[Bug 977] duplicate log entries when using "sshd -D -e"
http://bugzilla.mindrot.org/show_bug.cgi?id=977
Summary: duplicate log entries when using "sshd -D -e"
Product: Portable OpenSSH
Version: 3.8p1
Platform: ix86
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: daryl.tester at iocane.com.au
Hi,
When running (Open-)sshd under daemontools, it's recommended to run sshd
with
the options "-D -e" (no daemon, log to stderr). Logging to stderr
however seems
to cause the "Accepted" log entry to be recorded twice e.g. -
Accepted publickey for root from ::ffff:202.6.156.98 port 48878 ssh2
Accepted publickey for root from ::ffff:202.6.156.98 port 48878 ssh2
(note same source port). The same log entry to syslog is only printed once.
I can replicate this on a variety of OpenSSH versions - 3.6.1p2 and 3.8p1 under
Linux FC2 and 3.5p1 under FreeBSD 4.10. 3.1p1 on a Linux Redhat 7.2
doesn't,
however (woo? :-). LogLevel in sshd_config is commented out, so should be
default (INFO?).
I poked around in log.c:do_log() (3.8p1), and discovered through judicious
printf'ing that the second entry occurs in the child process, not the
parent,
although I can't see why this would prevent syslog from printing the second
entry.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Feb-01 10:30 UTC
[Bug 977] duplicate log entries when using "sshd -D -e"
http://bugzilla.mindrot.org/show_bug.cgi?id=977 ------- Additional Comments From dtucker at zip.com.au 2005-02-01 21:30 ------- The is because of privilege separation: when it's on the auth loop runs in both privileged and unprivileged processes (add a geteuid() to your printf to see). It doesn't occur in normal operation because the unpriviliged child is chrooted to /var/empty and has no /dev/log to speak to. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Feb-01 10:40 UTC
[Bug 977] duplicate log entries when using "sshd -D -e"
http://bugzilla.mindrot.org/show_bug.cgi?id=977 ------- Additional Comments From dtucker at zip.com.au 2005-02-01 21:40 ------- Created an attachment (id=797) --> (http://bugzilla.mindrot.org/attachment.cgi?id=797&action=view) reduce log messages from privsep slave to debug only If it bugs you try this patch (against -current but should apply to most recent versions). ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Feb-01 11:02 UTC
[Bug 977] duplicate log entries when using "sshd -D -e"
http://bugzilla.mindrot.org/show_bug.cgi?id=977
daryl.tester at iocane.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From daryl.tester at iocane.com.au 2005-02-01 22:02
-------
Doesn' worry me, it worries my log summary script (and the customer who
viewed the results :-).
Patch works a treat against 3.8p1 - thanks for the quick response.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.