bugzilla-daemon at bugzilla.mindrot.org
2011-Mar-28 06:57 UTC
[Bug 1883] New: use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Summary: use setproctitle for persistent mux master Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P2 Component: ssh AssignedTo: unassigned-bugs at mindrot.org ReportedBy: Bert.Wesarg at googlemail.com Created attachment 2024 --> bugzilla.mindrot.org/attachment.cgi?id=2024 implementation Preserving the command line from the invoking ssh command doesn't make much sense, so use setproctitle() to hide the arguments. And chdir into /. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Apr-12 05:37 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #1 from Damien Miller <djm at mindrot.org> 2011-04-12 15:37:26 EST --- Comment on attachment 2024 --> bugzilla.mindrot.org/attachment.cgi?id=2024 implementation>@@ -230,12 +230,25 @@ main(int ac, char **av) > struct servent *sp; > Forward fwd; > >- /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ >- sanitise_stdfd(); >- > __progname = ssh_get_progname(av[0]); > init_rng(); > >+#ifndef HAVE_SETPROCTITLE >+ /* Prepare for later setproctitle emulation */ >+ { >+ /* Save argv. Duplicate so setproctitle emulation doesn't clobber it */ >+ char **saved_argv = xcalloc(ac + 1, sizeof(*saved_argv)); >+ for (i = 0; i < ac; i++) >+ saved_argv[i] = xstrdup(av[i]); >+ saved_argv[i] = NULL; >+ compat_init_setproctitle(ac, av); >+ av = saved_argv;compat_init_setproctitle() should save everything that is necessary. Is it not working for you? Also, why reorder the sanitise_stdfd() call? -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Apr-12 06:36 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #2 from Bert Wesarg <Bert.Wesarg at googlemail.com> 2011-04-12 16:36:14 EST --- (In reply to comment #1)> > compat_init_setproctitle() should save everything that is necessary. Is > it not working for you? > > Also, why reorder the sanitise_stdfd() call?I copied from sshd.c which includes the different order of the sanitise_stdfd() to make int consistent. I just put the save_argv code inside the HAVE_SETPROCTITLE guard too, because I don't see a need for this without setproctitle. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 00:48 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #3 from Damien Miller <djm at mindrot.org> 2011-05-06 10:48:42 EST --- Created attachment 2040 --> bugzilla.mindrot.org/attachment.cgi?id=2040 /tmp/setproctitle-mux.diff openbsd patch -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 00:49 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2040|/tmp/setproctitle-mux.diff |OpenBSD patch description| | Attachment #2040| |ok?(dtucker at zip.com.au) Flags| | -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 00:53 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2040|ok?(dtucker at zip.com.au) |ok+ Flags| | -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 05:59 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #4 from Bert Wesarg <Bert.Wesarg at googlemail.com> 2011-05-06 15:59:29 EST --- What about the chdir(/)? I think this is mandatory for daemons. I also suggest to change the proctitle after a mux stopped listening. Maybe something like this in client_stop_mux(): setproctitle("[closed mux]"); Thanks. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 06:10 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org --- Comment #5 from Damien Miller <djm at mindrot.org> 2011-05-06 16:10:25 EST --- chdir("/") is required for system daemons so they don't block the unmounting of filesystems by holding directory fds open. This seems to be less important for user background processes, where the user would probably remain logged in anyway. Furthermore, in ssh's case it will require ongoing access to known_hosts over the life of the connection (as the hostkey can legally change during key re-exchange) and to the mux socket itself. I guess you could make a case for doing chdir(dirname(UserKnownHostsFile)) or chdir to the directory of the mux socket, but that is really a separate issue. as for doing setproctitle for gracefully-closed mux masters: good idea. I'll add it to the patch. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 06:16 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #6 from Damien Miller <djm at mindrot.org> 2011-05-06 16:16:47 EST --- actually, unconditionally doing setproctitle() in process_mux_stop_listening() is incorrect. It should only be done for forked masters. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 06:28 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #7 from Bert Wesarg <Bert.Wesarg at googlemail.com> 2011-05-06 16:28:23 EST ---> chdir("/") is required for system daemons so they don't block the > unmounting of filesystems by holding directory fds open.This is exactly my problem, say I do some ssh/scp from a directory on an USB stick or an sshfs mount, than the persistent mux should not prevent unmounting of this, completely unrelated, mount point. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 06:30 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #8 from Bert Wesarg <Bert.Wesarg at googlemail.com> 2011-05-06 16:30:43 EST ---> actually, unconditionally doing setproctitle() in > process_mux_stop_listening() is incorrect. It should only be done for > forked masters.Sure, but I proposed doing it in client_stop_mux() and there under the options.control_persist condition. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 12:04 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #9 from Damien Miller <djm at mindrot.org> 2011-05-06 22:04:26 EST --- ok, doing chdir() is a separate issue - please file a bug for that and we can discuss a solution there. I guess it comes down to choosing between the directory containing the mux socket, the user's home directory or the directory containing UserKnownHostsFile. -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-May-06 12:29 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 --- Comment #10 from Bert Wesarg <Bert.Wesarg at googlemail.com> 2011-05-06 22:29:36 EST --- (In reply to comment #9)> ok, doing chdir() is a separate issue - please file a bug for that and > we can discuss a solution there. I guess it comes down to choosing > between the directory containing the mux socket, the user's home > directory or the directory containing UserKnownHostsFile.Done: #1902 -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Jun-03 02:12 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1845 Status|NEW |RESOLVED Resolution| |FIXED --- Comment #11 from Damien Miller <djm at mindrot.org> 2011-06-03 12:12:15 EST --- applied - this will be in openssh-5.9. thanks! -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Jun-03 14:01 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Bert Wesarg <Bert.Wesarg at googlemail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1911 -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2011-Sep-06 05:32 UTC
[Bug 1883] use setproctitle for persistent mux master
bugzilla.mindrot.org/show_bug.cgi?id=1883 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #12 from Damien Miller <djm at mindrot.org> 2011-09-06 15:32:49 EST --- close resolved bugs now that openssh-5.9 has been released -- Configure bugmail: bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. You are watching someone on the CC list of the bug.