Created attachment 1716539 [details] Patch This bug was initially created as a copy of Bug #1853102 I am copying this bug because: This needs to be fixed in Fedora as well. Description of problem: As described in Bug 1299351, /bin/login process temporarily closes all file descriptors when calling vhangup(). If /usr/sbin/in.telnetd reads from pty master while pty slave is temporarily closed, in.telnetd process gets EIO error. But as a side effect of Bug 145636, in.telnetd process immediately closes connection upon EIO error. Version-Release number of selected component (if applicable): telnet-server-0.17-77.fc33.x86_64 Any environment which uses /bin/login which closes all file descriptors before vhangup(). How reproducible: This race condition is timing dependent, but I think it is not difficult to reproduce. Steps to Reproduce: (1) Install xinetd, telnet-server, telnet and strace packages. (2) Create /etc/xinetd.d/telnet with the following content, in order to widen this race window by making in.telnetd process and login process run slower. ---------- service telnet { socket_type = stream protocol = tcp wait = no user = root server = /usr/bin/strace server_args = -ttf -o /tmp/strace.log /usr/sbin/in.telnetd disable = no flags = IPv4 } ---------- (3) Restart xinetd service in order to reload /etc/xinetd.d/telnet file. (4) Connect to telnet server using the following command line. Note that echo '' is there for sending a garbage data into this race window. (echo ''; sleep 3) | telnet 127.0.0.1 Actual results: in.telnetd process closes connection before reaching login: prompt. ---------- $ (echo ''; sleep 3) | telnet 127.0.0.1 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. Kernel 3.10.0-1127.13.1.el7.x86_64 on an x86_64 Connection closed by foreign host. ---------- Expected results: in.telnetd process closes connection after reaching login: prompt. ---------- $ (echo ''; sleep 3) | telnet 127.0.0.1 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. Kernel 3.10.0-1127.13.1.el7.x86_64 on an x86_64 localhost login: Connection closed by foreign host. ---------- Additional info: If /usr/bin/strace fails to widen this race window, you can instead try /bin/login built with the following patch applied. ---------- --- a/login-utils/login.c +++ b/login-utils/login.c @@ -397,20 +397,21 @@ static void init_tty(struct login_contex /* Kill processes left on this tty */ tcsetattr(0, TCSANOW, &ttt); /* * Let's close file decriptors before vhangup * https://lkml.org/lkml/2012/6/5/145 */ close(STDIN_FILENO); close(STDOUT_FILENO); close(STDERR_FILENO); + sleep(5); signal(SIGHUP, SIG_IGN); /* so vhangup() wont kill us */ vhangup(); signal(SIGHUP, SIG_DFL); /* open stdin,stdout,stderr to the tty */ open_tty(cxt->tty_path); /* restore tty modes */ tcsetattr(0, TCSAFLUSH, &tt); ----------
FEDORA-2020-a7234fb825 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2020-a7234fb825
FEDORA-2020-a7234fb825 has been pushed to the Fedora 33 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-a7234fb825` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-a7234fb825 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2020-a7234fb825 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.