Hide Forgot
+++ This bug was initially created as a clone of Bug #727445 +++ Created attachment 516268 [details] "ps" result that sshd goes infine loop.. Description of problem: If I set lots of IP lists(over 2048byte) at a line of /etc/hosts.allow, some programs that call the tcp_wrapper() such as ssh, snmpd,ldap, vsftpd, etc. eats 100% CPU when there was any request from outside. in case of ssh, can't connect even the IP was allowed from /etc/hosts.allow. Version-Release number of selected component (if applicable): tcp_wrappers-7.6-40.7.el5 How reproducible: very simple. just adding the lots if IP lists(around 160?) at a line. you can check the size of the IP lists using Ctrl+G at the end of lists in vi mode. Steps to Reproduce: 1. add the lots of ip lists(over 2048 byte, aorund 160 ip lists?) at a line such as like below, for example, snmpd. /etc/hosts.allow snmpd: 1.1.1.1, 2.2.2.2, 3.3.3.3............ sshd : 5.6.7.8 2. add the deny all connections. /etc/hosts.deny sshd : All 3. try to connect the ssh to this server from 3.3.3.3 that is allowed at hosts.allow. Actual results: sshd process eats 100% CPU and client can't connect. this is "ps aux" result. -------------------------------------------------------------------------- USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 27528 91.6 0.0 64824 2740 ? Rs 16:33 0:05 sshd: [accepted] ---------------------------------------------------------------------------- Expected results: Additional info: the sequence is important. the exceeded line(snmpd for example) should be above than the actual service(sshd). it's because of "xgets()" related issue and this causes infine loop. --- Additional comment from antihong on 2011-08-02 03:48:25 EDT --- correction. 3. try to connect the ssh to this server from 3.3.3.3 that is allowed at hosts.allow ==> 3. try to connect the ssh to this server from 5.6.7.8 that is allowed at hosts.allow --- Additional comment from jchadima on 2011-08-11 15:48:46 EDT --- can you please contact RH support? --- Additional comment from antihong on 2011-08-11 19:05:30 EDT --- Do you mean this is not bug? thanks. --- Additional comment from jchadima on 2011-08-15 02:48:43 EDT --- (In reply to comment #3) > Do you mean this is not bug? > > thanks. this is the bug, of course, but connect the support please. --- Additional comment from antihong on 2011-08-15 05:27:48 EDT --- but I don't know how to do it. Could you do it instead of me? thanks. --- Additional comment from jchadima on 2011-08-17 07:55:07 EDT --- I cannot to do it, Only I can do to repair the bug in fedora (now it is repaired in rawhide).
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Since RHEL 6.2 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative.
This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux.
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2016-0796.html