Re: Why are there two sshd processes when I log into my computer?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>Knute Johnson wrote:
>>> When I log in remotely to my FC5 box two sshd processes with usually 
>>> consecutive pids are created?  The original sshd process is still 
>>> there too.
>> 
>> Any ideas then why one of them logs its time in UTC and the other 
>> local?
>> 
>> May 24 22:43:13 rabbitbrush sshd[4258]: Accepted publickey for knute 
>> from 208.1.40.46 port 1614 ssh2
>> May 25 05:43:13 rabbitbrush sshd[4259]: Accepted publickey for knute 
>> from 208.1.40.46 port 1614 ssh2
>
>I agree that it is annoying to have incorrect logs.
>
>This problem has been raised before:
>
>  http://www.redhat.com/archives/rhl-list/2006-March/msg03980.html
>  http://www.redhat.com/archives/rhl-list/2006-April/msg00778.html
>
>but I don't see any reply about a solution and I didn't find an
>open bug for it.
>
>It looks like environmental variables are discarded for security
>reasons (try running "cat /proc/4258/environ", with the correct pid;
>there is no environment). I don't know if the two facts can be related.
>
>I just tried "strace -f" on the sshd daemon process: the following
>lines appear interesting
>
>[pid  9996] time(NULL)                  = 1148562034
>[pid  9996] open("/etc/localtime", O_RDONLY) = -1 ENOENT (No such file or directory)
>[pid  9996] open("/etc/localtime", O_RDONLY) = -1 ENOENT (No such file or directory)
>[pid  9996] open("/etc/localtime", O_RDONLY) = -1 ENOENT (No such file or directory)
>[pid  9996] open("/etc/localtime", O_RDONLY) = -1 ENOENT (No such file or directory)
>[pid  9996] send(6, "<86>May 25 13:00:34 sshd[9996]: "..., 94, MSG_NOSIGNAL) = 94
>
>The process (which is running as user "sshd") does not see the
>"/etc/localtime" file and logs a wrong time (13:00 instead of 15:00,
>in this case).
>
>I don't know why the file appears totally invisible to the process
>(chroot tricks?).

Thanks very much for your reply.  One of the previous posts was from 
me so there doesn't appear to be much interest in this.  Is this 
something that should be filed as a bug?

Thanks,

-- 
Knute Johnson
Molon Labe...


-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux