Hi, So that you know, I did a pull request on the OpenSSH-portable GitHub to avoid this discussion to fall into oblivion. Best regards, Yonathan > On 2 Aug 2018, at 18:57, Iain Morgan <imorgan@xxxxxxxxxxxx> wrote: > > That's great news! Do you have any input regarding the implementation > details? Any suggestions that would ease inclusion of this feature would > be welcome. > > -- > Iain > > On Wed, Aug 01, 2018 at 10:55:52 +1000, Damien Miller wrote: >> FWIW, now that privsep is mandatory I have no objection to including >> signal support in sshd. >> >> On Wed, 25 Jul 2018, Yonathan Bleyfuesz wrote: >> >>> Hi all, >>> >>> I would like to propose some ideas to revivify this subject. >>> >>> -First, we could add support on the client to send signal thanks to the escape characters. >>> (code : https://github.com/JawaGL/openssh-portable/commit/5bc9e6bc959b1b0f89d7ca7b4b04d7c37079fef0 ). >>> >>> With this, in order to send a message requesting the server to send a SIGTERM to the remote process, you need to type “~ST” which is not really invasive client-side. >>> >>> But this means that the client has to enable TTY. >>> >>> >>> -Secondly , server-side, there is a problem with the currently suggested patch : it only works when we do an ‘exec’ request to the server (eg : ssh some-host “some; commands;”). >>> >>> This is because in the other possible configuration, a shell is launched by the server. Then when we launch a process, it is forked by this shell and thus it has its own group-id. >>> >>> When the user launches a signal-request hoping to reach a blocking process, the pid that is used by the ‘killpg’ function is the one of the shell. So it is this shell that catches the signal resulting in it: >>> - dying and leaving zombies >>> - dying and taking its child with him (SIGHUP and SIGKILL) >>> - ignoring the signal (SIGINT, SIGTERM, SIGQUIT). >>> >>> Example of ID’s when I connect to a server and launch the script test_signal.sh : >>> PID PPID PGID SID >>> 4060 1598 4060 1556 sshd sshd: root@pts/2 >>> 4062 4060 4062 4062 bash -bash >>> 4075 4062 4075 4062 sh sh test_signal.sh >>> 4076 4075 4075 4062 sh sh test_signal.sh >>> >>> So in order to take this use case into account we could use the 'tcgetpgrp()’ function from ‘unistd.h’. >>> (code : https://github.com/JawaGL/openssh-portable/commit/3667c0d90688c43ac0729083f73afa65102226b4 ) >>> >>> Of course this would still work if there are no TTY present since we can still access the PGID of the forked child in the session attributes. >>> >>> -Finally, in order to test these functionalities, we could integrate a test case in the regress folder. (code : https://github.com/JawaGL/openssh-portable/commit/02c39b15363c54d0e622e5724c721a474e1cacd6). >>> >>> >>> I tested all these features on MacOSX and Ubuntu 18. >>> >>> I hope this helps, >>> Thanks in advance for your returns, >>> >>> Yonathan >>> >>> >>> _______________________________________________ >>> openssh-unix-dev mailing list >>> openssh-unix-dev@xxxxxxxxxxx >>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >>> >> _______________________________________________ >> openssh-unix-dev mailing list >> openssh-unix-dev@xxxxxxxxxxx >> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev > > -- > Iain Morgan _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev