Hi, I use OpenSSH (thanks folks) to administer a mix of boxes at work and have seen some quite scary problems. I set up an ssh connection from the host to a central admin machine from a perl script running on the host. The script brings up an ssh connection to the central admin machine and sets up some reverse port redirection for administration (telnet for instance) and some forward redirection for offsite real time logging. This is working fine except a Solaris 2.6 box (Ultra2) has started spontaneously rebooting. I put this down to hardware until today, when I was working on the machine through the redireted telnet port and accidently closed the ssh session from the host machine. This dropped my session of course, big deal I thought, but the host dropped to single user mode and stopped accepting connections. This leads me to suspect that events on a redirected session inside an ssh session, can effect the health of the box the client is run on.. Another problem I've seen is that we also redirct a localhost port on the hosts through the ssh session, to syslog-ng on the central host. Whenever we HUP syslog on the central host, it drops the ssh session. I figure this is a problem with the way syslog-ng closes TCP connections but it may also be a pointer to the rebooting problem. Anyone got any ideas? The box is running Solaris 2.6 and OpenSSH client version 1.2.2 protocol version 1.5. I'll upgrade it today to 2.1.1 today from the portable source to see if that reduces problems. ciao dave -- Dave Edwards davo at chunga.apana.org.au || davo at sa.apana.org.au Adelaide, South Australia ----
X-PMC-CI-e-mail-id: 13125>This dropped my session of course, big deal I thought, but the >host dropped to single user mode and stopped accepting >connections. This leads me to suspect that events on a >redirected session inside an ssh session, can effect the health >of the box the client is run on..This sounds to me a kill (-1, whatever) is executed by mistake on the host. (Yeah, this sounds like a bug.) Maybe the first argument to kill was supposed to be a process ID, but the process id was somehow -1 (because the value was returned by a failed system call since such process was not found, etc..).>From man kill:> If pid is -1 and the effective user ID of the sender is > super-user, the signal is sent to all processes except sys- > tem processes, process 1, and the process sending the sig- > nal.process 1 is usally init. Hence I suspect that the sshd running with effective ID of superuser was invoking kill() for process ID, -1, by mistake. -- Ishikawa, Chiaki ishikawa at personal-media.co.jp.NoSpam or (family name, given name) Chiaki.Ishikawa at personal-media.co.jp.NoSpam Personal Media Corp. ** Remove .NoSpam at the end before use ** Shinagawa, Tokyo, Japan 142-0051
On Thu, 22 Jun 2000, Chiaki Ishikawa wrote:> X-PMC-CI-e-mail-id: 13125 > > >This dropped my session of course, big deal I thought, but the > >host dropped to single user mode and stopped accepting > >connections. This leads me to suspect that events on a > >redirected session inside an ssh session, can effect the health > >of the box the client is run on.. > > This sounds to me a > > kill (-1, whatever) > > is executed by mistake on the host. > (Yeah, this sounds like a bug.)Can you try this patch and keep an eye out for errors of the form "session_close_by_channel: Unsafe s->pid = XXX" in your logs? Regards, Damien Miller diff -u -r1.18 session.c --- session.c 2000/06/18 04:50:44 1.18 +++ session.c 2000/06/22 10:33:08 @@ -1608,7 +1608,9 @@ session_close(s); } else { /* notify child, delay session cleanup */ - if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0) + if (s->pid <= 1) + error("session_close_by_channel: Unsafe s->pid = %d", s->pid); + else if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0) error("session_close_by_channel: kill %d: %s", s->pid, strerror(errno)); } -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.mindrot.org/ | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)