Issues w/ timezones on gssftpd

Jeffrey Hutzelman jhutz at cmu.edu
Wed Nov 29 18:12:25 EST 2006 


On Monday, November 27, 2006 08:45:04 PM -0800 Russ Allbery 
<rra at stanford.edu> wrote:

> Philip Prindeville <philipp at redfish-solutions.com> writes:
>
>> *** src/appl/gssftp/ftpd/ftpd.c.graylist	2006-11-27 13:36:38.000000000
>> -0700 --- src/appl/gssftp/ftpd/ftpd.c	2006-11-27 20:18:40.000000000 -0700
>> ***************
>> *** 472,477 ****
>> --- 552,560 ----
>>   		if (ns > 2)
>>   		  (void) close(ns);
>>   	}
>> + #if defined(__USE_POSIX)
>> + 	tzset();
>> + #endif
>
> I'd like to try to understand more about what's going on here.  The basic
> problem is that gssftpd's logs don't have appropriate timestamps in your
> environment, and running tzset() fixes that?
>
> According to the Linux tzset man page:
>
>     This function is automatically called by the other time conversion
>     functions that depend on the time zone.
>
> This implies to me that you should never have to call tzset explicitly,
> and if you do, something else is wrong.
>
> I believe what it's doing in this case is initializing the TZ environment
> variable based on the contents of /etc/localtime, which is then used by
> child processes in a chroot to figure out the appropriate time zone in the
> absence of the normal configuration file (although I no longer have the
> original message that started this thread at hand, and may be
> misunderstanding).  If that's the case, why not just ensure that the
> localtime file exists in the chroot?  /etc/localtime is a fairly standard
> configuration file to have to copy into a chroot.

So, /etc/localtime is a copy of or pointer to the compiled zoneinfo data 
for the default timezone.  If TZ is set, then you use the zoneinfo for that 
zone; if not, the default is used.

Presumably, calling tzset() explicitly here helps because it forces the 
time zone data to be loaded before the chroot(), when it is still 
accessible.  This seems like an entirely reasonable thing for ftpd to do 
unconditionally, or at least if tzset() is available, which should be easy 
to test for.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA

More information about the krbdev mailing list