[sudo-users] troubleshooting with logs

donald.ritchey at exeloncorp.com donald.ritchey at exeloncorp.com
Tue Jul 19 17:00:08 EDT 2005

Depending on the version of UNIX and the characteristics of the startup
process used, daemon processes may have the console as their controlling
TTY or they may have null entry, if the O/S updates the TTY information 
after the daemon disassociates itself from the TTY where it was started.

Most daemons started while the system is booted will have the console 
as their controlling TTY during the startup process.  That is because
the console terminal is the default output destination of the run control
programs that boot the system.  As the run control program exits, it closes
the console, which closes the daemon's terminal as well.  Once the boot 
scripts or programs complete, the daemon process will then have a null TTY, 
since it has been effectively disassociated from that terminal.  

On occasion and, again, depending on the version of UNIX, the daemon may 
retain a connection to the console and this connection will show up 
associating the daemon with the console port.

It is not a big deal most of the time, since the daemon processes are 
designed to run without a terminal connection to their standard-in, -out, 
and -error files.  The most likely cause of a sudo entry with no controlling
TTY is for a sudo command run from within a crontab entry or via an at(1) 
task.  In this case, the crond daemon, which starts the process, normally 
has no controlling TTY and the cron process or at job inherits this lack 
of a controlling terminal.

Additionally, if the daemon process is running as the root (or superuser
it may have the ability to open the console terminal for output, if that 
terminal is 'open'.  (For example, the daemon may need to display status or 
error messages on the console.  If the console is connected to a terminal 
or printer device, and the device is turned on, the daemon can send its 
messages or errors to the device.)

Best wishes,

Donald L. (Don) Ritchey
Information Technology
Exelon Corporation

-----Original Message-----
From: sudo-users-bounces at courtesan.com
[mailto:sudo-users-bounces at courtesan.com]On Behalf Of Todd C. Miller
Sent: Tuesday, July 19, 2005 1:50 PM
To: Fabrice Schuler
Cc: sudo-users at sudo.ws
Subject: Re: [sudo-users] troubleshooting with logs 

In message <42DD24BE.9020902 at ferma.fr>
	so spake Fabrice Schuler (fabrice.schuler):

> But I have problems wih a daemon calling sudo. This daemon has no tty.

Are you sure about that?  Unless the daemon disassociates from its
tty it will still have one.  This is usually accomplished via the
setsid() system call.  You should be able to tell via the ps command
whether a process has a tty associated with it.

> On the first times (I would say for a couple of weeks), the TTY logged 
> in sudo logs was "console"
> My problem is that this tty is reserved for the console, and, according 
> to all the documentation I could find on the web, it is not possible to 
> attach a process to this tty if not logged on the console (which is not 
> the case - I am certain of that)...
> I agree this may not come from sudo, but if somebody ever had the same 
> problem, or may know where it comes from or what I did for this to 
> happen, I prefer to ask.

Not necesarily, the daemon in question might have been started by
someone who was logged in on the console.  Just because there is a
process associated with a particular tty does not prevent a new
user from logging in on that tty.

> For the moment, the tty logged is "unknown". Is it correct for a daemon 
> to be logged with this TTY (I guess so, but as I said, I could not find 
> any documentation about this) ?

Sudo logs the console as "unknown" when the ttyname() function
returns NULL.  This usually means there is no tty associated with
the process.
 - todd
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:

This e-mail and any of its attachments may contain Exelon Corporation
proprietary information, which is privileged, confidential, or subject 
to copyright belonging to the Exelon Corporation family of Companies. 
This e-mail is intended solely for the use of the individual or entity 
to which it is addressed.  If you are not the intended recipient of this 
e-mail, you are hereby notified that any dissemination, distribution, 
copying, or action taken in relation to the contents of and attachments 
to this e-mail is strictly prohibited and may be unlawful.  If you have 
received this e-mail in error, please notify the sender immediately and 
permanently delete the original and any copy of this e-mail and any 
printout. Thank You.

More information about the sudo-users mailing list