ssh closing file descriptors for ControlPersist

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi all,
we were discussing internally how to make openssh leave open file descriptors that were open before main using LD_PRELOAD. Lately I filled upstream bugzilla [1] with proposed solution, that could be acceptable by upstream, but I'm also posting on this list to get more attention, other points of view or ideas for this case.

I understand well, that closing FDs is important for backgrounded [mux] process who is handling IO for all sessions in specific connection. I also understand, that it is good practice to know what are your open file descriptors and close the other "hanging around". But aside all of this, what would be proposal if you would need to preserve this open file descriptor?

In above mentioned bugzilla, I'm proposing to close these FDs only if we have configuration option ControlPersist enabled (as comments in code describes). This requires to move the the whole closing thing down after reading config files and commandline options. But this can interfere with debug logging enabled (using -E option), so to make it working, it is required to reopen this log file after closing other FDs.

Q: File descriptor from debug log (-E option) doesn't matter when backgrounding ControlPersist master? Q: For non-backgrounding process using ControlMaster only is not a problem to have hanging file descriptors around?

I'm interested only in preserving this FD without multiplexing, but of course I want to have multiplexing working after this change.

[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2394

--
Jakub Jelen
Associate Software Engineer
Security Technologies
Red Hat

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux