- edited description
killing sshguard does not kill child process
Issue #90
resolved
Hello,
When I kill sshguard with kill -TERM PID_OF_SSHGUARD, the child processes are still running. Using CTRL+C works. I am using Void Linux.
This is especially problematic when used with daemon managers that uses kill to stop processes, which could lead to several sshguard running after a service restart.
I tried to play with trap to solve the problem but I was unsuccessful. Any help would be greatly appreciated.
Nicolas
Comments (10)
-
reporter
-
- changed status to open
Could you run
ps aux | grep sshg, paste the output, and indicate which one you were killing? -
- removed milestone
Removing milestone: 2.0 (automated comment)
-
Could you report the type and version of /bin/sh (e.g. bash, dash, zsh, etc?)
Interesting that -TERM doesn't work but CTRL-C does. Does -INT work?
Also, try making the 'trap' line in the sshguard driver script:
trap "trap - TERM && kill 0" INT TERM EXIT -
reporter
Oh right I forgot to mention that.
/bin/shisdash.Actually
kill -INThas no effect.After replacing the
trapcommand as mentioned,kill -TERMhas no effect too. -
Also reproduced on FreeBSD. Workaround is to kill any process in the pipeline instead of the driver shell itself.
-
This is not strictly a bug, because passing the '-i' argument to SSHGuard writes the PID of the process you're supposed to kill. The PID file is written by sshg-blocker, which when signaled, does cause SSHGuard to terminate.
-
reporter
It is always a good idea that a process cleans its children when exiting. Some service managers use cgroups to make sure all children spawned by a service are killed when the service exit. However, this solution is Linux specific and it means that the service is broken by design, which seems to be the case for
sshguard. So for me it is a bug. -
- changed status to resolved
Fixed in 540c08c, thanks!
-
- removed version
Removing version: 2.0 (automated comment)
- Log in to comment
