Issues w/ timezones on gssftpd

Ken Raeburn raeburn at MIT.EDU
Thu Nov 30 02:18:36 EST 2006 

On Nov 30, 2006, at 00:12, Tom Yu wrote:
> Philip> Well, the fact that tzset() fixes ctime/localtime but not
> Philip> ctime_r/localtime_r
> Philip> would appear to be a separate issue, right?
>
> No.  In glibc, tzset() affects the cached timezone data for ctime_r()
> as well as ctime().  It so happens that ctime_r() and other related
> thread-safe functions happen to not call tzset(), while their
> non-thread-safe variants do [...]

> syslog() calls strftime() which calls tzset().  After the first
> syslog() call following the chroot, the cached timezone data in glibc
> is incorrect because it couldn't read the timezone database files in
> the chroot environment.
>
> In this situation, calling tzset() immediately prior to chroot() will
> have no effect after the first call to syslog() after chrooting, if
> you do not have the correct timezone files available.

Just to clarify: In the current glibc, any call to tzset() within a  
chroot environment that doesn't have the proper data files installed  
will cause incorrect values (I assume GMT) to be used, rather than  
keeping previously-loaded values, is that correct?  If so, the only  
ways to get it right (without changing glibc) seem to be to install  
the needed files, or avoid calling any functions that call tzset(),  
which apparently would include syslog() and strftime(), and thus just  
isn't going to happen.

Really, setting up a chroot jail properly is a job for the system  
admin, not random users.  "But wait, I administer my own machine,  
like a lot of people do these days!"  Yeah, well, this should all be  
done by OS vendors providing helpful tools or properly configured  
packages; people shouldn't use systems that don't do that unless  
they're willing to put up with the occasional learning experience.   
"Timestamps suddenly off by N hours?  *slaps forehead*  I bet it's  
some silly timezone issue.  Now why... oh, chroot!  Yeah, that messes  
up everything."  So you fix it, make a note that it's something you  
have to deal with for any chroot jail for a program that might log  
something or format a timestamp somewhere, maybe update your jail- 
building script, and move on...

Ken

More information about the krbdev mailing list