diff --git a/Makefile b/Makefile index 61c2ae2..f2def6e 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -VERSION := 0.9.5.5 +VERSION := 0.9.5.6-rc .PHONY: lint vis clean common client server passwd\ subpkgs install uninstall reinstall scc diff --git a/xs/xs.go b/xs/xs.go index 98cfb40..0f7cc85 100755 --- a/xs/xs.go +++ b/xs/xs.go @@ -1151,7 +1151,5 @@ func exitWithStatus(status int) { log.Fatal("could not write memory profile: ", err) //nolint:gocritic } } - - fmt.Printf("[exitStatus:%d]\n", status) os.Exit(status) } diff --git a/xsd/xsd.go b/xsd/xsd.go index 1c1db30..6c270db 100755 --- a/xsd/xsd.go +++ b/xsd/xsd.go @@ -286,21 +286,28 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, //nolint:funlen if interactive { if useSysLogin { - // Use the server's login binary (post-auth, which - // is still done via our own bcrypt file) - // - // Note login will drop privs to the intended user for us + // Use the server's login binary (post-auth) // // Things UNIX login does, like print the 'motd', // and use the shell specified by /etc/passwd, will be done // automagically, at the cost of another external tool // dependency. // + // One drawback of using 'login' is that the remote side + // cannot give us back the shell's exit code, since it + // exits back to 'login', which usually returns its own + // 0 status back to us. + // + // Note login will drop privs to the intended user for us. + // c = exec.Command(xs.GetTool("login"), "-f", "-p", who) //nolint:gosec } else { - // Using our separate login via local passwd file + // Run shell directly (which allows nonzero exit codes back to + // the local system upon shell exit, whereas 'login' does not.) // - // Note we must drop privs ourselves for the user shell + // Note we must drop privs ourselves for the user shell since + // we aren't using 'login' on the remote end which would do it + // for us. // c = exec.Command(xs.GetTool("bash"), "-i", "-l") //nolint:gosec c.SysProcAttr = &syscall.SysProcAttr{} @@ -412,7 +419,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, //nolint:funlen } conn.SetStatus(xsnet.CSOType(exitStatus)) } else { - logger.LogDebug("*** Main proc has exited. ***") //nolint:errcheck + logger.LogDebug(fmt.Sprintf("*** Main proc has exited (%d) ***", c.ProcessState.ExitCode())) //nolint:errcheck // Background jobs still may be running; close the // pty anyway, so the client can return before // wg.Wait() below completes (Issue #18) diff --git a/xsnet/net.go b/xsnet/net.go index 5f21b94..3ac54d7 100644 --- a/xsnet/net.go +++ b/xsnet/net.go @@ -1339,7 +1339,8 @@ func (hc *Conn) Read(b []byte) (n int, err error) { // Throw away pkt if it's chaff (ie., caller to Read() won't see this data) log.Printf("[Chaff pkt, discarded (len %d)]\n", decryptN) case CSOKeepAlive: - logger.LogDebug(fmt.Sprintf("[got keepAlive pkt, discarded (len %d)]\n", decryptN)) + //logger.LogDebug(fmt.Sprintf("[got keepAlive pkt, discarded (len %d)]\n", decryptN)) + // payload of keepalive (2 bytes) is not currently used (0x55aa fixed) _ = binary.BigEndian.Uint16(payloadBytes[0:2]) hc.ResetKeepAlive() case CSOTermSize: @@ -1625,7 +1626,6 @@ func (hc *Conn) StartupKeepAlive() { func (hc *Conn) ShutdownKeepAlive() { log.Println("Conn SHUTDOWN") - hc.SetStatus(CSEConnDead) hc.Close() } @@ -1655,6 +1655,7 @@ func (hc *Conn) keepaliveHelper() { if hc.keepalive == 0 { logger.LogDebug(fmt.Sprintf("*** keepaliveHelper shutting down\n")) + hc.SetStatus(CSEConnDead) hc.ShutdownKeepAlive() break }