Bug 125589 - sshd does not update /var/run/utmp when allocated pty > 999
sshd does not update /var/run/utmp when allocated pty > 999
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: openssh (Show other bugs)
2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks: FC3Target FC2Update
  Show dependency treegraph
 
Reported: 2004-06-09 00:23 EDT by R Deepak
Modified: 2007-11-30 17:10 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-11-01 17:54:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
sample output.. (565 bytes, text/plain)
2004-06-09 23:40 EDT, R Deepak
no flags Details

  None (edit)
Description R Deepak 2004-06-09 00:24:00 EDT
Description of problem: 
Reference: Bug ID 124310 
 
sshd doesn't update /var/run/utmp when the allocated pty for a 
remote login is > 999 
 
There is a solution described here:  
  
http://archive.netbsd.se/?list=openssh-bugs&a=2004-04&mid=188151  
  
--------------  
  
   Subject: [Bug 855] doesn't properly log logout event in utmp  
entry when pts  
   From: bugzilla-daemon(-at-)mindrot.org  
   Id:<20040428231648.BC0BF27C189@shitei.mindrot.org>  
   Date: Thu, 29 Apr 2004 09:16:48 +1000 (EST)  
   http://bugzilla.mindrot.org/show_bug.cgi?id=855  
  
   Summary: doesn't properly log logout event in utmp entry when pts  
   bigger than 999  
   Product: Portable OpenSSH  
   Version: 3.8p1  
   Platform: All  
   OS/Version: Linux  
   Status: NEW  
   Severity: normal  
   Priority: P2  
   Component: sshd  
   AssignedTo: openssh-bugs@mindrot.org  
   ReportedBy: arekm@pld-linux.org  
  
   The problem is:  
   syslogin_perform_logout() uses char line[8]; so tty name can have  
max 7  
   characters which is not common on recent linux 2.6.5 (and higher)  
systems   
which  
   do not use first free pts number (see  
http://testing.lkml.org/slashdot.php?  
   mid=465538 if you are really interested).  
  
   Due to that there are bad entries in utmp left like:  
   misiek pts/1049 192.168.2.2 Thu Apr 29 01:11 gone - no logout  
   misiek pts/1046 192.168.2.2 Thu Apr 29 01:05 gone - no logout  
   misiek pts/1045 192.168.2.2 Thu Apr 29 01:05 gone - no logout  
   misiek pts/1044 192.168.2.2 Thu Apr 29 01:04 gone - no logout  
  
   Patch to fix issue:  
   diff -urN openssh-3.8p1.org/loginrec.c openssh-3.8p1/loginrec.c  
   --- openssh-3.8p1.org/loginrec.c 2004-04-29 01:06:46.350105456  
+0200  
   +++ openssh-3.8p1/loginrec.c 2004-04-29 01:07:37.357351176 +0200  
   @@ -1354,7 +1354,7 @@  
   syslogin_perform_logout(struct logininfo *li)  
   {  
   # ifdef HAVE_LOGOUT  
   - char line[8];  
   + char line[LINFO_LINESIZE];  
  
   (void)line_stripname(line, li->line, sizeof(line));  
----------------  
  
Please fix! :)  
 
 
Version-Release number of selected component (if applicable): 
openssh-3.6.1p2-34 (default with core 2) 
 
How reproducible: 
Always 
 
Steps to Reproduce: 
1. "login and logout" from a remote machine 999 times. 
2. subsequent "login/logout"s generate an error from sshd 
in /var/log/secure and do not update /var/run/utmp 
3. 
     
 
Actual Results:  finger shows remote sessions still open. 
 
Expected Results:  finger should show remote sessions closed. 
 
Additional info: 
 
Jun  8 16:49:07 lantana sshd[31053]: syslogin_perform_logout: 
logout() returned an error
Comment 1 Greg 2004-06-09 13:55:32 EDT
As a side comment from the previously referenced bug, if an active
openssh session (i.e. gnome-terminal window) is running in X, and X is
is killed, /var/run/utmp does not seem to be updated correctly either.

Steps to Reproduce:

1.  After a fresh login into X using gnome, open a terminal window:

elisha: ~> finger
Login     Name             Tty      Idle  Login Time   Office    
Office Phone
kriehn    Gregory Kriehn  *:0             Jun  9 10:41
kriehn    Gregory Kriehn   pts/1          Jun  9 10:41 (:0.0)

elisha: ~> w
 10:43:26 up 2 min,  2 users,  load average: 0.86, 0.78, 0.33
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
kriehn   :0       -                10:41   ?xdm?  24.67s  0.06s
-/bin/tcsh -c /
kriehn   pts/1    :0.0             10:41    0.00s  0.07s  0.00s w

2.  Leave the terminal window open and kill X with Ctrl-Alt-Backspace. 

3.  Next, log back into gnome after X restarts and open a new openssh
session:

elisha: ~> finger
Login     Name             Tty      Idle  Login Time   Office    
Office Phone
kriehn    Gregory Kriehn  *:0             Jun  9 10:46
kriehn    Gregory Kriehn   pts/1     54d  Jun  9 10:41 (:0.0)
kriehn    Gregory Kriehn   pts/2          Jun  9 10:46 (:0.0)

elisha: ~> finger
Login     Name             Tty      Idle  Login Time   Office    
Office Phone
kriehn    Gregory Kriehn  *:0             Jun  9 10:46
kriehn    Gregory Kriehn   pts/1    120d  Jun  9 10:41 (:0.0)
kriehn    Gregory Kriehn   pts/2          Jun  9 10:46 (:0.0)

elisha: ~> w
 10:46:51 up 6 min,  3 users,  load average: 0.53, 0.57, 0.32
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
kriehn   :0       -                10:46   ?xdm?  19.26s  0.06s
-/bin/tcsh -c /
kriehn   pts/2    :0.0             10:46    0.00s  1.61s  0.00s w

Notice the random idle times generated resulting from the stale
openssh session on pts/1.
Comment 2 R Deepak 2004-06-09 23:40:30 EDT
Created attachment 101019 [details]
sample output..
Comment 3 R Deepak 2004-06-09 23:41:45 EDT
I built rpms with updated openssh 3.8.1p1 modified to use 
LINFO_LINESIZE and this solves the first issue. 
 
There is no problem when allocated pts is greater that 999. 
 
There is one issue though finger displays only 3 digit pts numbers. 
So, pts/1000 is displayed as pts/100. 'w' works fine. Look at 
attachment for sample output. 
 
 
Comment 5 Adrian Reber 2004-07-09 05:58:29 EDT
I can confirm this bug. I have the same problem. 

$  w
 11:58:33 up 21 days,  1:52, 417 users,  load average: 0.49, 1.00, 1.34
                             ^^^^^^^^^^

with only ten users logged in.
Comment 6 Florian La Roche 2004-09-26 06:04:54 EDT
Looks fixed with current rpm packages.
Comment 7 Adrian Reber 2004-09-27 03:23:36 EDT
I have installed openssh from FC3test2 on a FC2 system. Currently the
highest used pts is 721, but in some days it will reach 1000. I will
then add an additional comment if this is fixed for me or not.
Comment 8 Adrian Reber 2004-10-01 09:52:43 EDT
I can confirm that this error is fixed on my system (FC2).

openssh-clients-3.9p1-3
openssh-3.9p1-3
openssh-server-3.9p1-3

ptys higher than 1000 are used and users logging out are correctly
logged without any error messages in any logs.

commands like w, who, finger and last work as expected (logged out
users stay no longer logged-in)

Note You need to log in before you can comment on or make changes to this bug.