[sslh] Foreground mode.

Yves Rutschle yves at naryves.com
Mon Apr 16 08:34:51 CEST 2012


Hi Seb,

On Mon, Apr 16, 2012 at 01:05:30AM +0200, Seblu wrote:
> 1) the following command fails.
> # /usr/sbin/sslh --foreground -p 192.168.241.2:44 --ssh 127.0.0.1:22
> -u root
> setsid: already process leader: Operation not permitted

I guess somehow Archlinux has already made sslh a session leader. That sounds a
little weird to me, but I don't fully understand the whole session business.
You can try simply removing the check after setsid(), it should work:

--- sslh-main.c (revision 103)
+++ sslh-main.c (working copy)
@@ -322,7 +321,6 @@
    /* New session -- become group leader */
    if (getuid() == 0) {
        res = setsid();
-       CHECK_RES_DIE(res, "setsid: already process leader");
    }
 
    write_pid_file(pid_file);
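
Review bot: removing the CHECK_RES_DIE line after setsid() in the getuid() == 0 branch leaves res assigned but never examined, so every setsid() failure is silently ignored, not only the "already process leader" case from the report. Consider keeping the check and tolerating only errno == EPERM ("Operation not permitted"), or skipping the setsid() call when --foreground is given, so that any other failure still stops startup before write_pid_file(pid_file) runs.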

> 2) Running with --foreground still tries to write a pidfile.
> # /usr/sbin/sslh --foreground -p 192.168.241.2:44 --ssh 127.0.0.1:22
> /var/run/sslh.pid: Permission denied

Maybe you have a /var/run/sslh.pid owned by root? The last version of sslh
turns into the specified user (or 'nobody') *before* writing to the PID file,
so it fails if one already exists from the previous version.

That said, you're right there is little point writing a PID file at all when in
foreground, I'll make a patch for that.

> 3) There is no way of disabling log files except with inetd mode.

Logs go to syslog, which is where you should disable them.

Now I am a little curious about the root of your questions:

> Trying to make a service file for sslh for archlinux, I see the
> following issues.

Are archlinux services expected to run in the foreground, create no PID file
nor log messages? That seems a little un-service-like to me.


Cheers,
Y.


