Is this a bug? 2: the return

Philippe Brand philippe.brand at safe-protect.com
Tue Dec 4 20:56:56 WST 2007


Hello there,

I think I've come accross a problem with dropbear >=0.49, originating
long time ago from a fix done in 0.49 version abtou FD writability.
For remote control purpose I'm using dbclient on an appliance (A) to
send command to another system (B).

A sends to B
/usr/bin/dbclient -p $someport -y -i /whatever/.ssh/id_rsa 
$someuser@$ip "$cmd"

$cmd holds /usr/local/bin/someutil

someutil is a C compiled program which setuid() then forks and execve a
shell script. Parent process does not detach from terminal.
As soon as 'someutil' forks, ssh session ends, but 'someutil' continues
to run nicely. However I simply loose 'someutil' output.

If I replace $cmd by "/usr/local/bin/someutil; touch /tmp/foobar", same
things again, but I can see /tmp/foobar is actually touched.

Things run nicely using 0.48.1.

I personnaly think that original example is wrong, in the way that a
simple "sleep 10&" does not detach from terminal. I agree that session
should be close if a "nohup sleep 10 >/dev/null 2>&1 &" command was
launch but not if a program "simply" forks.

I apologize for both my english, being not my natural language, and lack
of time inspecting code.


>>On Fri, Mar 24, 2006 at 10:09:30PM -0500, Rob Landley wrote:
>> If I do the following:
>>
>> dbclient user at system "sleep 10& echo hello"
>>
>> It should return right after printing hello, but it doesn't.  It
waits until
>> the child process exits.
>>
>> This is a known, longstanding but in OpenSSH on Linux.  It doesn't do
this on
>> OpenBSD (the OpenSSH developers insist that it must therefore be a
Linux bug,
>> but the Linux developers I talked to wondered what they were
drinking, if I
>> recall correctly from when I asked in 2001.)  An xterm won't do this,
telnet
>> won't do this...  Just OpenSSH on Linux (not OpenBSD).  And now dropbear.
>>
>> Is dropbear intentionally copying this bug?
>
>I've had a quick look, and I think that it is a bug, though
>it hasn't been intentionally copied from OpenSSH.  The fix
>should be relatively straightfoward, I'll make sure it goes
>into the next release. Currently Dropbear won't close the FD
>for a shell until the process exits. Instead it should just
>be testing for writability of the the FD.
>
>Thanks for the report.
>
>Matt

-- 
Philippe BRAND
Safe-Protect
This signature has been created using 100% recycled spams catched by a
Safe-Protect BOX. <http://www.safe-protect.com>
Linux user
-------------- next part --------------
A non-text attachment was scrubbed...
Name: philippe_brand.vcf
Type: text/x-vcard
Size: 263 bytes
Desc: not available
Url : http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20071204/a6a80997/attachment.vcf 


More information about the Dropbear mailing list