search

vlaci / openconnect-sso

Wrapper script for OpenConnect supporting Azure AD (SAMLv2) authentication to Cisco SSL-VPNs
GNU General Public License v3.0
280 stars 119 forks source link

Traceback during connection close #39

Open jpasztor-oi opened 3 years ago

jpasztor-oi commented 3 years ago

Hello,

If I abort a running session with C-c, then it throws a traceback during close. It does not cause any harm, but looks ugly.

Too few arguments.
User cancelled (SIGINT/SIGTERM); exiting.
Traceback (most recent call last):
  File "/usr/lib/python3.7/subprocess.py", line 474, in run
    stdout, stderr = process.communicate(input, timeout=timeout)
  File "/usr/lib/python3.7/subprocess.py", line 931, in communicate
    self.wait()
  File "/usr/lib/python3.7/subprocess.py", line 990, in wait
    return self._wait(timeout=timeout)
  File "/usr/lib/python3.7/subprocess.py", line 1624, in _wait
    (pid, sts) = self._try_wait(0)
  File "/usr/lib/python3.7/subprocess.py", line 1582, in _try_wait
    (pid, sts) = os.waitpid(self.pid, wait_flags)
KeyboardInterrupt

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/pasja/openconnect/venv/bin/openconnect-sso", line 10, in <module>
    sys.exit(main())
  File "/home/pasja/openconnect/venv/lib/python3.7/site-packages/openconnect_sso/cli.py", line 169, in main
    return app.run(args)
  File "/home/pasja/openconnect/venv/lib/python3.7/site-packages/openconnect_sso/app.py", line 75, in run
    auth_response, selected_profile, args.proxy, args.openconnect_args
  File "/home/pasja/openconnect/venv/lib/python3.7/site-packages/openconnect_sso/app.py", line 186, in run_openconnect
    return subprocess.run(command_line).returncode
  File "/usr/lib/python3.7/subprocess.py", line 481, in run
    process.kill()
  File "/usr/lib/python3.7/subprocess.py", line 1756, in kill
    self.send_signal(signal.SIGKILL)
  File "/usr/lib/python3.7/subprocess.py", line 1746, in send_signal
    os.kill(self.pid, sig)
PermissionError: [Errno 1] Operation not permitted
Component Version
OS debian 10.7
openconnect-sso 0.6.1
sudo 1.8.27
python 3.7.3 (venv)

if you need any further info feel free to ping me :-)

vlaci commented 3 years ago

Educated guess: A race condition is involved here: when you press CTRL-C, it gets propagated to all processes in the same process group, so both openconnect-sso and openconnect itself handles the interupt signal. "Unfortunately" Python tries to clean-up any running subprrocess but it may already exits when KILL is sent.

I have a proposed fix but don't have the ability to test it right now.

vlaci commented 3 years ago

Hm, it will be more tricky to fix this issue than I first thought. If I start the subprocess in a new session, Python won't try to clean it up upon exit and also sudo's behavior will change to always prompt (because it is always executed in a different session).