Bug 60610 - ssh returns wrong exit code
Summary: ssh returns wrong exit code
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: openssh   
(Show other bugs)
Version: 7.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-03-02 10:36 UTC by Mike Bird
Modified: 2007-04-18 16:40 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-03-03 07:14:00 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Mike Bird 2002-03-02 10:36:44 UTC
Description of Problem: After upgrading from kernel-2.4.9-21 to kernel-2.4.9-31,
ssh returns wrong exit code under some circumstances (seriously munging our
systems management!)


Version-Release number of selected component (if applicable): 2.9p2-12


How Reproducible:

"ssh localhost rpm -qa </dev/null; echo $?"
should reveal exit code 0 but on most upgraded systems gives exit code 255

removing "ssh localhost" gives exit code 0 which is correct

adding "strace" before either "ssh" or "rpm" appears to show that the ssh/sshd
system is changing the 0 to -1.  However "ssh localhost exit 0" works correctly.

Comment 1 Mike Bird 2002-03-03 07:13:55 UTC
The problem is a race in sshd which was exposed by small changes in the kernel. 
Here's a simpler test case:

ssh localhost perl -e
"'close(STDIN);close(STDOUT);close(STDERR);sleep(1);exit(0);'"

Because the fd's are closed before the process exits, the cleanup code in
session.c is used instead of the cleanup code in serverloop.c.  The session.c
cleanup code ignores the process exit code, contrary to spec which says that
sshd waits for process exit AND all fd's closed, then passes the exit code to
ssh.

The effect of the current code is to wait for process exit OR all fd's closed,
which results in the observed race as well as other incorrect behavior.

WORKAROUND

Until this is fixed, the following workaround seems to work in most cases. 
Instead of:

  ssh localhost foo

- use this:

  ssh localhost 'foo; exit $?'




Comment 2 Mike Bird 2002-03-09 01:43:50 UTC
Bug does not exist in openssh-3.1p1-2 which was released today to fix a serious security bug.


Note You need to log in before you can comment on or make changes to this bug.