From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/1531
Path: news.gmane.org!not-for-mail
From: Charlie Brady <charlieb-qpsmtpd@budge.apana.org.au>
Newsgroups: gmane.comp.sysutils.supervision.general
Subject: Re: runit not collecting zombies
Date: Sat, 15 Sep 2007 11:47:02 -0400 (EDT)
Message-ID: <Pine.LNX.4.64.0709151136230.6555@e-smith.charlieb.ott.istop.com>
References: <Pine.LNX.4.64.0709121154120.24457@e-smith.charlieb.ott.istop.com>
 <20070912172245.GF12043@home.power> <Pine.LNX.4.64.0709121329560.24457@e-smith.charlieb.ott.istop.com>
 <20070912181836.GG12043@home.power> <Pine.LNX.4.64.0709121451100.24457@e-smith.charlieb.ott.istop.com>
 <20070912191346.GH12043@home.power> <Pine.LNX.4.64.0709121514570.24457@e-smith.charlieb.ott.istop.com>
 <20070915133641.GA30650@home.power> <20070915135749.GB30650@home.power>
 <Pine.LNX.4.64.0709151114320.6555@e-smith.charlieb.ott.istop.com>
 <20070915152804.GD30650@home.power>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
X-Trace: sea.gmane.org 1189903989 22356 80.91.229.12 (16 Sep 2007 00:53:09 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Sun, 16 Sep 2007 00:53:09 +0000 (UTC)
Cc: supervision@list.skarnet.org
To: Alex Efros <powerman@powerman.asdfGroup.com>
Original-X-From: supervision-return-1766-gcsg-supervision=m.gmane.org@list.skarnet.org Sun Sep 16 02:53:07 2007
Return-path: <supervision-return-1766-gcsg-supervision=m.gmane.org@list.skarnet.org>
Envelope-to: gcsg-supervision@gmane.org
Original-Received: from antah.skarnet.org ([212.85.147.14])
	by lo.gmane.org with smtp (Exim 4.50)
	id 1IWiNl-0004Cw-TX
	for gcsg-supervision@gmane.org; Sun, 16 Sep 2007 02:53:05 +0200
Original-Received: (qmail 7658 invoked by uid 76); 16 Sep 2007 00:53:26 -0000
Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm
List-Post: <mailto:supervision@list.skarnet.org>
List-Help: <mailto:supervision-help@list.skarnet.org>
List-Unsubscribe: <mailto:supervision-unsubscribe@list.skarnet.org>
List-Subscribe: <mailto:supervision-subscribe@list.skarnet.org>
List-Archive: <http://www.skarnet.org/lists/>
Original-Received: (qmail 10451 invoked from network); 15 Sep 2007 15:47:24 -0000
X-X-Sender: charlieb@e-smith.charlieb.ott.istop.com
In-Reply-To: <20070915152804.GD30650@home.power>
Xref: news.gmane.org gmane.comp.sysutils.supervision.general:1531
Archived-At: <http://permalink.gmane.org/gmane.comp.sysutils.supervision.general/1531>


On Sat, 15 Sep 2007, Alex Efros wrote:

> I think this is normal ssh behaviour and doesn't related to zombie issue.

No. It might be usual ssh behaviour, but it's wrong behaviour and is 
related to the zombie issue. Please re-read my earlier posts to the 
thread.

> # tail /tmp/ssh_strace3
> [pid 14926] connect(6, {sa_family=AF_FILE, path="/dev/log"}, 110) = 0
> [pid 14926] send(6, "<38>Sep 15 15:23:15 sshd[14926]:"..., 65, MSG_NOSIGNAL) = 65
> [pid 14926] close(6)                    = 0
> [pid 14926] exit_group(255)             = ?
> Process 14926 detached
> [pid 14925] <... read resumed> 0x5baa81ac, 4) = ? ERESTARTSYS (To be restarted)
> [pid 14925] --- SIGCHLD (Child exited) @ 0 (0) ---
> [pid 14925] read(6, "", 4)              = 0
> [pid 14925] exit_group(255)             = ?
> Process 14925 detached

You won't see zombies if process 14925 reads exit status of process 14926 
before it exits.

Yes, runit should reap that status, but that doesn't change the fact that 
ssh is wrong. Note also that SIGCHLD is delivered to sshd process, not to 
runit, because 14926 terminates before 14925.

IMO this is a bug in the privilege separation code in openssh.