[ On Sunday, March 28, 1999 at 11:20:31 (+0300), Jukka Marin wrote: ]
> Subject: Re: ftpd never dies (again)
>
> Like I said, I am using tcpwrappers (well, it's built-in now) and have
> specified the "keepalive" option for ftpd.  It _still_ doesn't work.

I have about 500 or so ftp connections per month to my machine, but I've
never seen a stuck ftpd, and the machine's been up for 95 days now.
It's running 1.3.2, BTW.  One difference might be that these are almost
all simple anonymous connections, and they are not chroot'ed.

I have a similar problem with sshd though, on target machines that I
login to do maintenance on.  I think I've finally figured out what it
might be with SSH too.  Normally I only use SSH when I have to type a
password over the net, such as to su, and normally I only su to root
when I do this.  However my X server crashes every couple of days, after
I've built up a good number SSH connections, sometimes several to the
same machine.  When I login to these remote machines again I find that
all of my su sessions are hung and I have to use 'kill -9' on the user
shell, or 'kill -1' on the root shell, to get them to exit.  If I don't
kill them they'll stay around for weeks.  Note that I do have 'KeepAlive
yes' in /etc/sshd_config on all target machines.  I also finally noticed
that it was only the sessions where I've su'ed get stuck.  Given this
fact, and the fact that a simple 'kill -1' to the root shell will kill
them, I suspect that the problem is that the kernel is not successfully
delivering a SIGHUP to all the processes on the tty, probably because
some security check or another has gone a little overboard, or perhaps
the su processes are being disconnected from the tty group some how,
since it happens even if I su to myself.  (This happens with target
systems that are 1.3.x and on 1.3I too and is trivial to reproduce.)

At some point I'll try to find the time to track this down and prove it
for sure, but for now I wanted to add the idea to the discussion just in
case it might relate in some way to the ftpd woes.

(I also get spurious 'Connection timed out' errors when trying to
rsh/rlogin to a local host sometimes -- and a moment later the
connection will work fine, but I think this is unrelated.)

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>