Alias to “do X then ” transparently

Published 2019-08-30 04:12

Question:

The title sucks but I'm not sure of the correct term for what I'm trying to do; if I knew that I'd probably have found the answer by now!

The problem:

Due to an over-zealous port scanner (customer's network monitor) and an overly simplistic telnet daemon (busybox linux) every time port 23 gets scanned, telnetd launches another instance of /bin/login waiting for user input via telnet.

As the port scanner doesn't actually try to login, there is no session, so there can be no session timeout, so we quickly end up with a squillion zombie copies of /bin/login running.

What I'm trying to do about it:

telnetd gives us the option (-l) of launching some other thing rather than /bin/login so I thought we could replace /bin/login with a bash script that kills old login processes then runs /bin/login as normal:

#!/bin/sh
# First kill off any existing dangling logins
# /bin/login disappears on successful login so
# there should only ever be one
killall -q login

# now run login
/bin/login

But this seems to return immediately (no error, but no login prompt). I also tried just chaining the commands in telnetd's arguments:

telnetd -- -l "killall -q login;/bin/login"

But this doesn't seem to work either (again - no error, but no login prompt). I'm sure there's some obvious wrinkle I'm missing here.

System is embedded Linux 2.6.x running Busybox so keeping it simple is the greatly preferred option.

EDIT: OK I'm a prat for not making the script executable, with that done I get the login: prompt but after entering the username I get nothing further.

Answer 1:

Check that your script has the execute bit set. Permissions should be the same as for the original binary including ownership.

As for -l: My guess is that it tries to execute the command killall -q login;/bin/login (that's one word).

Since this is an embedded system, it might not write logs. But you should check /var/log anyway for error messages. If there are none, you should be able to configure it using the documentation: http://wiki.openwrt.org/doc/howto/log.overview



Answer 2:

Right, I fixed it, as I suspected there was a wrinkle I was missing:

exec /bin/login

I needed exec to hand control over to /bin/login rather than just call it.

So the telnet daemon is started thusly:

/usr/sbin/telnetd -l /usr/sbin/not_really_login

The contents of the not-really-login script are:

#!/bin/sh
echo -n "Killing old logins..."
killall -q login
echo "...done"
exec /bin/login

And all works as it should, on telnet connect we get this:

**MOTD Etc...**

Killing old logins......done

login: zero_cool
password: 

And we can login as usual.

The only thing I haven't figured out is if we can detect the exit status of /bin/login (if we killed it) and print a message saying Too slow, sucker! or similar. TBH though, that's a nicety that can wait for a rainy day, I'm just happy our stuff can't be DDoS'ed over Telnet anymore!
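Two things worth seeing in code beyond the answer above: what exec actually changes (the wrapper's PID is handed to /bin/login, so login is telnetd's direct child rather than a grandchild behind an idle sh, and nothing after the exec line ever runs), and a narrower kill than killall -q login, which matches every process named login on the box, including one a serial-console getty has parked at its prompt or one another telnet user is typing a password into at that moment. The script below is an added example, not the poster's not_really_login script: it kills only login processes whose parent is telnetd and that have sat at the prompt for at least STALE_AFTER seconds (default 60, an assumption), then execs /bin/login. It assumes a Linux /proc layout, a busybox-style /bin/sh, and that a login started via "telnetd -l <script>" plus exec shows telnetd as its parent; the small exec demo functions exist only to make the exec behaviour observable.

```shell
#!/bin/sh
# Added example wrapper for "telnetd -l" (not the original poster's script).
# Assumes Linux /proc, busybox-style sh, and that exec'd logins have telnetd
# as their parent. Install as /usr/sbin/not_really_login to run stand-alone.

# comm field of a /proc/<pid>/stat line: text between the first "(" and the
# last ")" (comm itself may contain spaces and parentheses).
proc_comm() {
    c=${1#*(}
    printf '%s\n' "${c%)*}"
}

# Parent pid: stat field 4, i.e. field 2 once "pid (comm) " is stripped.
proc_ppid() {
    rest=${1##*) }
    set -- $rest
    printf '%s\n' "$2"
}

# Seconds since the process started: uptime - starttime/CLK_TCK.
# $1 stat line, $2 uptime in whole seconds, $3 clock ticks per second.
proc_age() {
    uptime=$2
    hz=$3
    rest=${1##*) }
    set -- $rest
    start=${20}          # starttime is stat field 22; 20 after dropping pid and comm
    echo $(( uptime - start / hz ))
}

# Kill each "login" whose parent is telnetd and that has been waiting for at
# least $1 seconds. A login somebody is typing into right now is left alone,
# as is any login started by getty on a console.
kill_stale_telnet_logins() {
    min_age=$1
    # /proc start times are in USER_HZ, which is 100 on Linux; getconf is the
    # assumed source where it exists (busybox usually lacks it).
    hz=$(getconf CLK_TCK 2>/dev/null || echo 100)
    read -r up _ < /proc/uptime
    up=${up%%.*}
    for stat in /proc/[0-9]*/stat; do
        IFS= read -r line 2>/dev/null < "$stat" || continue   # process may be gone
        [ "$(proc_comm "$line")" = login ] || continue
        ppid=$(proc_ppid "$line")
        IFS= read -r pline 2>/dev/null < "/proc/$ppid/stat" || continue
        [ "$(proc_comm "$pline")" = telnetd ] || continue
        age=$(proc_age "$line" "$up" "$hz")
        [ "$age" -ge "$min_age" ] || continue
        pid=${line%% *}
        kill "$pid" 2>/dev/null && echo "killed stale login pid $pid (idle ${age}s)"
    done
}

# Why exec matters. Without it the wrapper shell stays alive as login's parent
# and whatever follows the call still runs once login exits:
runs_after_child_exits() {
    sh -c 'sh -c "exit 3"; echo back-in-wrapper'
}
# With exec the inner program replaces the shell: its exit status is the
# wrapper's exit status and the echo is never reached:
exec_replaces_shell() {
    sh -c 'exec sh -c "exit 3"; echo back-in-wrapper'
}
# Exit status 0 when the process after exec still has the pre-exec PID, which
# is what lets login inherit the pty and session telnetd set up for its child.
same_pid_across_exec() {
    sh -c 'p=$$; exec sh -c "[ \$\$ -eq $p ]"'
}

main() {
    printf 'Killing stale logins...'
    kill_stale_telnet_logins "${STALE_AFTER:-60}"
    echo '...done'
    exec /bin/login
}

# Only act as the login wrapper when invoked under that name.
case ${0##*/} in
    not_really_login) main ;;
esac
```

Once exec has replaced the shell there is no wrapper left to see login's exit status, so the "Too slow, sucker!" message the answer leaves open cannot come from this script; the only thing it can report is what it killed, which is why the kill loop prints the pid and idle time before exec'ing.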