Bug 145004

Summary: telnetd cleanup() race condition with syslog in signal handler
Product: Red Hat Enterprise Linux 4 Reporter: Jason Vas Dias <jvdias>
Component: telnetAssignee: Harald Hoyer <harald>
Status: CLOSED ERRATA QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: dlehman
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-03-28 19:49:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 143929    
Attachments:
Description Flags
Patch to fix cleanup wtmp race condition none

Description Jason Vas Dias 2005-01-13 17:03:43 UTC 
Description of problem:
Telnetd can enter the logout(3) call in cleanup() 
via a signal handler, when the main program also
enters logout in cleanup(), resulting in self 
deadlock as the wtmp_lock is already held by
the process - see bug #143929 . 

Version-Release number of selected component (if applicable):

telnet-server-0.17-30 

How reproducible:

If cleanup entered by main program when SIGCHLD handler
also in cleanup / logout, 100% .

Steps to Reproduce:
See bug #143929
  



Expected results:

telnetd should not be able to self-deadlock

Additional info:

See attached patch, contributed by  dlstevens.com , 
which fixed the issue.
Comment 1 Jason Vas Dias 2005-01-13 17:04:41 UTC 
Created attachment 109730 [details]
Patch to fix cleanup wtmp race condition
Comment 4 Jason Vas Dias 2005-01-13 21:55:55 UTC 
The patch is now in telnet-*-0.17-31 submitted to RHEL-4, and
telnet-*-0.17-32 submitted to FC4, and is in FC3 CVS.
Comment 6 Jason Vas Dias 2005-02-02 19:01:59 UTC 
Yes, I guess a new bug should be raised against RHEL3 and added to the RHEL3-U5
blockers list to ensure this gets fixed in RHEL3-U5 .
Comment 10 Josh Bressers 2005-03-28 19:49:16 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-327.html