Debian Bug report logs -
#809035
ssh.service notification warning in syslog
Reported by: Yuri D'Elia <wavexx@thregr.org>
Date: Sat, 26 Dec 2015 12:39:01 UTC
Severity: minor
Tags: patch
Found in version openssh/1:7.1p1-5
Fixed in version openssh/1:7.1p1-6
Done: Colin Watson <cjwatson@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Sat, 26 Dec 2015 12:39:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Yuri D'Elia <wavexx@thregr.org>:
New Bug report received and forwarded. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Sat, 26 Dec 2015 12:39:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: openssh-server
Version: 1:7.1p1-5
Severity: minor
I started to see the following messages in syslog recently:
Dec 22 18:12:36 e systemd[1]: ssh.service: Got notification message from PID 6719, but reception only permitted for main PID 31374
Dec 22 18:32:55 e systemd[1]: ssh.service: Got notification message from PID 6783, but reception only permitted for main PID 31374
....
Is this an useless warning, or a real problem in the ssh service, or ...?
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Sat, 26 Dec 2015 16:30:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Colin Watson <cjwatson@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Sat, 26 Dec 2015 16:30:04 GMT) (full text, mbox, link).
Message #10 received at 809035@bugs.debian.org (full text, mbox, reply):
On Sat, Dec 26, 2015 at 01:34:47PM +0100, Yuri D'Elia wrote:
> Package: openssh-server
> Version: 1:7.1p1-5
> Severity: minor
>
> I started to see the following messages in syslog recently:
>
> Dec 22 18:12:36 e systemd[1]: ssh.service: Got notification message from PID 6719, but reception only permitted for main PID 31374
> Dec 22 18:32:55 e systemd[1]: ssh.service: Got notification message from PID 6783, but reception only permitted for main PID 31374
> ....
>
> Is this an useless warning, or a real problem in the ssh service, or ...?
Michael, this looks like a regression from your readiness notification
changes that I applied recently. Please could you have a look?
Yuri, please could you post the output of "systemctl status -l
ssh.service"?
Thanks,
--
Colin Watson [cjwatson@debian.org]
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Sat, 26 Dec 2015 19:00:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Yuri D'Elia <wavexx@thregr.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Sat, 26 Dec 2015 19:00:03 GMT) (full text, mbox, link).
Message #15 received at 809035@bugs.debian.org (full text, mbox, reply):
On 26/12/15 17:27, Colin Watson wrote:
> Yuri, please could you post the output of "systemctl status -l
> ssh.service"?
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2015-12-23 11:04:21 CET; 3 days ago
Main PID: 2576 (sshd)
CGroup: /system.slice/ssh.service
└─2576 /usr/sbin/sshd -D
Dec 26 19:51:22 e.thregr.org systemd[1]: ssh.service: Got notification message from PID 17587, but reception only permitted for main PID 2576
Dec 26 19:51:22 e.thregr.org sshd[17587]: Accepted publickey for root from ..
Dec 26 19:51:22 e.thregr.org sshd[17587]: pam_unix(sshd:session): session opened for user root by (uid=0)
In addition:
# ps -f 17587
UID PID PPID C STIME TTY STAT TIME CMD
root 17587 2576 0 19:51 ? Ss 0:00 sshd: root@pts/0
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Sat, 26 Dec 2015 21:15:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Biebl <biebl@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Sat, 26 Dec 2015 21:15:03 GMT) (full text, mbox, link).
Message #20 received at 809035@bugs.debian.org (full text, mbox, reply):
Will do, thanks Colin
Am 26. Dezember 2015 17:27:33 MEZ, schrieb Colin Watson <cjwatson@debian.org>:
>On Sat, Dec 26, 2015 at 01:34:47PM +0100, Yuri D'Elia wrote:
>> Package: openssh-server
>> Version: 1:7.1p1-5
>> Severity: minor
>>
>> I started to see the following messages in syslog recently:
>>
>> Dec 22 18:12:36 e systemd[1]: ssh.service: Got notification message
>from PID 6719, but reception only permitted for main PID 31374
>> Dec 22 18:32:55 e systemd[1]: ssh.service: Got notification message
>from PID 6783, but reception only permitted for main PID 31374
>> ....
>>
>> Is this an useless warning, or a real problem in the ssh service, or
>...?
>
>Michael, this looks like a regression from your readiness notification
>changes that I applied recently. Please could you have a look?
>
>Yuri, please could you post the output of "systemctl status -l
>ssh.service"?
>
>Thanks,
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Sat, 26 Dec 2015 23:48:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Biebl <biebl@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Sat, 26 Dec 2015 23:48:03 GMT) (full text, mbox, link).
Message #25 received at 809035@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Am 26.12.2015 um 19:55 schrieb Yuri D'Elia:
> On 26/12/15 17:27, Colin Watson wrote:
>> Yuri, please could you post the output of "systemctl status -l
>> ssh.service"?
>
> ● ssh.service - OpenBSD Secure Shell server
> Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
> Active: active (running) since Wed 2015-12-23 11:04:21 CET; 3 days ago
> Main PID: 2576 (sshd)
> CGroup: /system.slice/ssh.service
> └─2576 /usr/sbin/sshd -D
>
> Dec 26 19:51:22 e.thregr.org systemd[1]: ssh.service: Got notification message from PID 17587, but reception only permitted for main PID 2576
> Dec 26 19:51:22 e.thregr.org sshd[17587]: Accepted publickey for root from ..
> Dec 26 19:51:22 e.thregr.org sshd[17587]: pam_unix(sshd:session): session opened for user root by (uid=0)
>
> In addition:
>
> # ps -f 17587
> UID PID PPID C STIME TTY STAT TIME CMD
> root 17587 2576 0 19:51 ? Ss 0:00 sshd: root@pts/0
>
So the notification comes from the forked off sshd child process which
has been started for the logged in user and not the main sshd process.
We probably need to differentiate in the code whether it's the main
process or not and only send the sd_notify notification in the former case.
Colin, is there a simple check how we can determine if we are the main
process?
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
[signature.asc (application/pgp-signature, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Sun, 27 Dec 2015 15:03:11 GMT) (full text, mbox, link).
Acknowledgement sent
to Michael Biebl <biebl@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Sun, 27 Dec 2015 15:03:11 GMT) (full text, mbox, link).
Message #30 received at 809035@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Control: tags -1 + patch
Am 26.12.2015 um 17:27 schrieb Colin Watson:
> Michael, this looks like a regression from your readiness notification
> changes that I applied recently. Please could you have a look?
Attached is a patch on top of the existing one, which fixes the issue by
running the sd_notify() call only in the main process and not the
spawned off children.
It moves it right next to the existing SIGSTOP readiness-signal.
Regards,
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
[0001-Call-sd_notify-only-for-the-main-process.patch (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, attachment)]
Added tag(s) patch.
Request was from Michael Biebl <biebl@debian.org>
to 809035-submit@bugs.debian.org.
(Sun, 27 Dec 2015 15:03:11 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#809035; Package openssh-server.
(Mon, 04 Jan 2016 13:39:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Colin Watson <cjwatson@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.
(Mon, 04 Jan 2016 13:39:04 GMT) (full text, mbox, link).
Message #37 received at 809035@bugs.debian.org (full text, mbox, reply):
Control: tag -1 pending
On Sun, Dec 27, 2015 at 04:00:50PM +0100, Michael Biebl wrote:
> Am 26.12.2015 um 17:27 schrieb Colin Watson:
> > Michael, this looks like a regression from your readiness notification
> > changes that I applied recently. Please could you have a look?
>
> Attached is a patch on top of the existing one, which fixes the issue by
> running the sd_notify() call only in the main process and not the
> spawned off children.
> It moves it right next to the existing SIGSTOP readiness-signal.
> From 60aab01587f4974261882b7c4066750f34522ea4 Mon Sep 17 00:00:00 2001
> From: Michael Biebl <biebl@debian.org>
> Date: Sun, 27 Dec 2015 15:58:03 +0100
> Subject: [PATCH] Call sd_notify() only for the main process
>
> Move the sd_notify() call next to the existing SIGSTOP readiness
> notification so it is only run in the main process and not for the
> spawned off children.
It's not actually due to per-login child processes, which come rather
later; the true reason is that when sshd is re-execed it sets
inetd_flag. But your patch does the job either way and I'll just merge
it into your previous patch.
Thanks,
--
Colin Watson [cjwatson@debian.org]
Added tag(s) pending.
Request was from Colin Watson <cjwatson@debian.org>
to 809035-submit@bugs.debian.org.
(Mon, 04 Jan 2016 13:39:04 GMT) (full text, mbox, link).
Reply sent
to Colin Watson <cjwatson@debian.org>:
You have taken responsibility.
(Mon, 04 Jan 2016 16:27:52 GMT) (full text, mbox, link).
Notification sent
to Yuri D'Elia <wavexx@thregr.org>:
Bug acknowledged by developer.
(Mon, 04 Jan 2016 16:27:52 GMT) (full text, mbox, link).
Message #44 received at 809035-close@bugs.debian.org (full text, mbox, reply):
Source: openssh
Source-Version: 1:7.1p1-6
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 809035@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <cjwatson@debian.org> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 04 Jan 2016 15:09:10 +0000
Source: openssh
Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb
Architecture: source
Version: 1:7.1p1-6
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
openssh-client - secure shell (SSH) client, for secure access to remote machines
openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol
openssh-client-udeb - secure shell client for the Debian installer (udeb)
openssh-server - secure shell (SSH) server, for secure access from remote machines
openssh-server-udeb - secure shell server for the Debian installer (udeb)
openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
ssh - secure shell client and server (metapackage)
ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
ssh-krb5 - secure shell client and server (transitional package)
Closes: 809035 809695 809696
Changes:
openssh (1:7.1p1-6) unstable; urgency=medium
.
[ Colin Watson ]
* Remove explicit "XS-Testsuite: autopkgtest" from debian/control;
dpkg-source now figures that out automatically based on the existence of
debian/tests/control.
* Allow authenticating as root using gssapi-keyex even with
"PermitRootLogin prohibit-password" (closes: #809695).
* Shuffle PROPOSAL_KEX_ALGS mangling for GSSAPI key exchange a little
later in ssh_kex2 so that it's actually effective (closes: #809696).
.
[ Michael Biebl ]
* Don't call sd_notify when sshd is re-execed (closes: #809035).
Checksums-Sha1:
254c98fc4fa99eb2b7ba7eb39e1c70def48aa70c 2835 openssh_7.1p1-6.dsc
f6a86ead13a5535f4e0ef3c2f46c85ef1422b6eb 148788 openssh_7.1p1-6.debian.tar.xz
Checksums-Sha256:
3300bb7d57d1744b29c36ac1095d81fe345ef388d4e4447a3e4719fe31a054cf 2835 openssh_7.1p1-6.dsc
31239f540911a21d337f72e40a88ef81c5bf1a49aed54a3806b98148281f2be5 148788 openssh_7.1p1-6.debian.tar.xz
Files:
2e76218f302f8e24a9857b8d83b80fcc 2835 net standard openssh_7.1p1-6.dsc
db7e7b7194e09f4ff7a462303eb14b71 148788 net standard openssh_7.1p1-6.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Colin Watson <cjwatson@debian.org> -- Debian developer
iQIVAwUBVoqNLDk1h9l9hlALAQhaxA/+JaIByj9CmnWVHs5XYkWXxijYzKih2FbR
f/bMbwkavHx2mV+FimFM9tYm7M8OHUG/W3XtFQyB4SuQl8EMHagbqzzH0BAmG6nK
snZy6MEoqL1/MkysYNxwLfB09C9Xo+uw6nPsF8wHHaRybOtfpDXCNkZrgrfC4Rc3
4VFXeqlNP0TqXusEt1GDNhDz+wHJ4hz36OM76qQuE836MqYfR8bV1nu7Z2yGyK2f
dNegixCuAGzKoIDmHgsQyzWa8xgn6w8cRZkfL1T2GxGPTfXnWoSsE0oVs15zVKn4
aZxtBePl7uW2WwSxztLuxMOZDZhjNUSGLK7qIvt64ojMcXtUcLlfYiKwkS1SDr/O
2/jYQIXIWvoWVah1OzVhzpcnYB1ibORMDFK8EJFQkT9Idb6ERvD2pQDKVjUZ7A+d
88M93xgKOhyDcAzzRi4baqzNtBmcOa121gUVsXg6m1uKYc8VrumZrZBKZtt9gTGy
xGjp3ZD4r7j7/eM13R3k/AiLCac17LJdZ/MNHtvqHln63y5QTqamaRQykG+fPb1s
D3N9tPtTgygMXv/JGbXMXFLmJEMeesr8reHY2y6/iq86qQ3CslbJy4yInAmZh4Jy
T5QrnzRVu8vdBGpjTnmW1QLEccIUcuYo/axz6dPMOdYi2Mn2sbptBIs9g7FKxb9z
UOiUowxk398=
=McOD
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 08 Feb 2016 07:33:50 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sun Jul 2 01:21:21 2023;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.