[sslh] Foreground mode.
Yves Rutschle
yves at naryves.com
Mon Apr 16 08:34:51 CEST 2012
Hi Seb,

On Mon, Apr 16, 2012 at 01:05:30AM +0200, Seblu wrote:
> 1) The following command fails.
> # /usr/sbin/sslh --foreground -p 192.168.241.2:44 --ssh 127.0.0.1:22 -u root
> setsid: already process leader: Operation not permitted

I guess somehow Archlinux has already made sslh a session leader. That sounds a
little weird to me, but I don't fully understand the whole session business.
You can try simply removing the check after setsid(), it should work:

--- sslh-main.c (revision 103)
+++ sslh-main.c (working copy)
@@ -322,7 +321,6 @@
/* New session -- become group leader */
if (getuid() == 0) {
res = setsid();
- CHECK_RES_DIE(res, "setsid: already process leader");
}
write_pid_file(pid_file);
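
Review bot: With the CHECK_RES_DIE line removed, "res = setsid();" stores a result that nothing reads, so the call can fail silently and execution continues to write_pid_file() without the new session that the comment above it promises. Rather than dropping the check outright, test the failure explicitly: tolerate errno == EPERM (the "Operation not permitted" case reported in this thread) with a log line and keep CHECK_RES_DIE for any other error. If the result really is meant to be ignored, drop the assignment to res and update the "New session -- become group leader" comment to say that failure is tolerated.
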
> 2) Running with --foreground still tries to write a pidfile.
> # /usr/sbin/sslh --foreground -p 192.168.241.2:44 --ssh 127.0.0.1:22
> /var/run/sslh.pid: Permission denied

Maybe you have a /var/run/sslh.pid owned by root? The last version of sslh
turns into the specified user (or 'nobody') *before* writing to the PID file, so it
fails if one already exists from the previous version.

That said, you're right there is little point writing a PID file at all when in
foreground, I'll make a patch for that.

> 3) There is no way of disabling log files except with inetd mode.

Logs go to syslog, which is where you should disable them.

Now I am a little curious about the root of your questions:

> Trying to make a service file for sslh for archlinux, I see the
> following issues.

Are archlinux services expected to run in the foreground, create no PID file
nor log messages? That seems a little un-service-like to me.

Cheers,
Y.
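
An added example, not part of the original message or of sslh's code: POSIX specifies that setsid() fails with EPERM when the caller is already a process group leader, which is the error text quoted in item 1. The helper names (start_session_tolerant, probe_setsid) and the result codes are hypothetical; the probe runs in a forked child so the calling process keeps its own session.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical result codes, small enough to travel in an exit status. */
enum { NEW_SESSION = 0, ALREADY_LEADER = 1, SETSID_FAILED = 2, HARNESS_ERROR = 3 };

/* Try to start a new session, but report EPERM (caller is already a
 * process group leader) separately instead of treating it as fatal. */
static int start_session_tolerant(void)
{
    if (setsid() != (pid_t)-1)
        return NEW_SESSION;
    return errno == EPERM ? ALREADY_LEADER : SETSID_FAILED;
}

/* Run the helper in a forked child. With as_group_leader set, the child
 * first makes itself a process group leader, the condition setsid()
 * rejects; without it, the child is an ordinary member of its parent's
 * group, as a daemon is after the usual fork(). */
static int probe_setsid(int as_group_leader)
{
    pid_t pid = fork();
    if (pid < 0)
        return HARNESS_ERROR;
    if (pid == 0) {
        if (as_group_leader && setpgid(0, 0) < 0)
            _exit(HARNESS_ERROR);
        _exit(start_session_tolerant());
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return HARNESS_ERROR;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("forked child, not a group leader: %d\n", probe_setsid(0));
    printf("child that is a group leader:     %d\n", probe_setsid(1));
    return 0;
}
```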