Ubuntu
openssh package

  1. Bug #687535
  2. Comment #5

Comment 5 for bug 687535

Revision history for this message
AlainKnaff (kubuntu-misc) wrote :

> Alain, I understand your frustration. think a little more serious than Low,

Thanks for your insight.

> as existence of a workaround only barely mitigates the impact of this.

Just a note about this workaround: kill -9 `pidof sshd` will "saw off the branch on which you're sitting" if you happen to manage the system remotely. A safer workaround would be kill -9 `cat /var/run/sshd.pid`

> The problem, I think, is that we're using expect fork

I think what's definitely needed is a way to make upstart track processes by pidfile.

> and I'm not sure why, when sshd has -D

Indeed, that seems to work (just tested it). So, why does ssh fork on reload in the case without -D, if it works without this fork with -D?

> I'm not going to mark it Invalid yet though.

Why do you think this bug should be marked invalid (/etc/init/ssh.conf is part of the openssh-server .deb)? Especially after basically agreeing with me... In general, in Ubuntu, triagers are far too quick to mark bugs as invalid, leading to situations where real problems still aren't fixed in the next release, or problems in LTS releases go unfixed for over a year.

> that we should always track the children as the main process.

This is tricky for processes such as ssh, as upstart might end up accidentally tracking one particular session, rather than the master. Just imagine if a user logs in at exactly the moment where the admin issues a reload ssh. Init would then not know which child to track (new master, or the session of the user who just logged in).
And in the case of squid, upstart would not even know that something is amiss as here the issue is about some intermediate process _not_ exiting when it should, so upstart would not know that something is amiss until after the first reload (... causing that first reload to be ignored...).

A safer alternative would be to optionally track by pidfile (which could be monitored by inotify, and re-read after a child exits). Of course, existence of pid listed in pidfile should be verified by sending it a -0 signal, so that upstart wouldn't get confused by stale pid files.