Package: timeoutd Version: 1.5-10.1 Severity: important Tags: patch The main problem - the process dies with segmentation fauils trying to throw the user away. After this the user is able to log in and work without time limitations. After checking the code the following problems have been found (both in function getcpid() ):
1. The function does not close the files after checking for ssh process. This
leads to the "too i
many open files" error after a few user kicks.
2. The function does not brake execution if the process does not exist. It
writes the corresponding
error to the log, but on the next step tries to read from the unexisting file
(which leads to segfault)
The following patch is offered to fix the problem:
--- timeoutd.c.orig 2010-03-08 10:12:26.000000000 +0100
+++ timeoutd.c 2010-03-08 10:12:47.000000000 +0100
@@ -1601,12 +1601,15 @@
if(cont->d_type == 4 && isdigit(cont->d_name[0])) { /* check
only PIDs */
sprintf(path, "/proc/%s/status", cont->d_name);
proc_file = fopen(path, "r");
- if(!proc_file)
+ if(!proc_file) {
printf("error opening proc status file %s\n",
path);
-
+ return 0; /* no child exists */
+ }
while(!fscanf(proc_file, "PPid: %s", akt_pid))
fgets(akt_pid, 10, proc_file);
+ fclose(proc_file);
+
if(atoi(akt_pid) == ppid)
return (pid_t)atoi(cont->d_name); /* return
pid of child */
} /* if(cont->d_type == 4) */
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (700, 'stable'), (600, 'unstable'), (500, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages timeoutd depends on:
ii libc6 2.7-18lenny2 GNU C Library: Shared libraries
ii libx11-6 2:1.1.5-2 X11 client-side library
ii libxext6 2:1.0.4-2 X11 miscellaneous extension
librar
ii libxss1 1:1.1.3-1 X11 Screen Saver extension
library
timeoutd recommends no packages.
timeoutd suggests no packages.
signature.asc
Description: This is a digitally signed message part.
