Hi, For each user connection when privilege separation is enabled, 3 processes are of interest for this topic. 1. sshd:[priv] - privileged user process. 2. sshd:user at pts/0 - user process. 3. shell - shell process. Openssh code writes the #2. sshd:user at pts/0 - user process to the utmp/wtmp file. Is this the correct behaviour.? Or should it write the #3. shell pid to the utmp/wtmp file. Thanks -logu
Logu wrote:> For each user connection when privilege separation is enabled, 3 > processes are of interest for this topic. > > 1. sshd:[priv] - privileged user process. > 2. sshd:user at pts/0 - user process. > 3. shell - shell process. > > Openssh code writes the #2. sshd:user at pts/0 - user process to the > utmp/wtmp file. Is this the correct behaviour.? Or should it write the > #3. shell pid to the utmp/wtmp file.I think it should probably write #3 (it's the session leader) however none of the doco I could find specifies (usually it just says "pid of process" and doesn't specify exactly which process). On most systems it doesn't seem to make any difference (HP-UX being the apparent exception). -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Apparently Analagous Threads
- Irix UseLogin wtmp/utmp bug
- (wtmp) Suggestion to samba
- 64-bit HP/UX 11.00 wtmp corruption identified
- [Lutz.Jaenicke@aet.TU-Cottbus.DE: 2.9p1: HP-UX 10.20 utmp/wtmp handling broken?]
- [Bug 980] sshd does not write the session leader pid to utmp when priv-separation is enabled