Bug 145004 - telnetd cleanup() race condition with syslog in signal handler
telnetd cleanup() race condition with syslog in signal handler
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: telnet (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Harald Hoyer
Ben Levenson
Depends On:
Blocks: 143929
  Show dependency treegraph
Reported: 2005-01-13 12:03 EST by Jason Vas Dias
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-03-28 14:49:16 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch to fix cleanup wtmp race condition (383 bytes, patch)
2005-01-13 12:04 EST, Jason Vas Dias
no flags Details | Diff

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:327 important SHIPPED_LIVE Important: telnet security update 2005-03-28 00:00:00 EST

  None (edit)
Description Jason Vas Dias 2005-01-13 12:03:43 EST
Description of problem:
Telnetd can enter the logout(3) call in cleanup() 
via a signal handler, when the main program also
enters logout in cleanup(), resulting in self 
deadlock as the wtmp_lock is already held by
the process - see bug #143929 . 

Version-Release number of selected component (if applicable):


How reproducible:

If cleanup entered by main program when SIGCHLD handler
also in cleanup / logout, 100% .

Steps to Reproduce:
See bug #143929

Expected results:

telnetd should not be able to self-deadlock

Additional info:

See attached patch, contributed by  dlstevens@us.ibm.com , 
which fixed the issue.
Comment 1 Jason Vas Dias 2005-01-13 12:04:41 EST
Created attachment 109730 [details]
Patch to fix cleanup wtmp race condition
Comment 4 Jason Vas Dias 2005-01-13 16:55:55 EST
The patch is now in telnet-*-0.17-31 submitted to RHEL-4, and
telnet-*-0.17-32 submitted to FC4, and is in FC3 CVS.
Comment 6 Jason Vas Dias 2005-02-02 14:01:59 EST
Yes, I guess a new bug should be raised against RHEL3 and added to the RHEL3-U5
blockers list to ensure this gets fixed in RHEL3-U5 .
Comment 10 Josh Bressers 2005-03-28 14:49:16 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.