SUMMARY openssh-3.7p1
From: Rainer Schwierz (R.Schwierz_at_physik.tu-dresden.de)
Date: 09/19/03
- Previous message: Wakeman, Lindsay: "Tru64 4.0F PK8 - dependencies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 19 Sep 2003 16:42:17 +0200 (MET DST) To: tru64-unix-managers@ornl.gov
Hi all,
first, thanks for all the hints I have got.
original message was:
did somone test openssh-3.7p1 on tru64 V4.0d (I know it is very old..) ?
Like the old versions it compiles without problems, but
openssh-3.6p2 is running without problems, but sshd under openssh-3.7p1
crashes with...
I have found two solutions,
- disable PrivilegeSeparation, it was working in 3.6.1p2 for Tru64
but the error is present in the current 3.7p1 release
- use a patch I have got in an email from
Nikola Milutinovic <Nikola.Milutinovic@ev.co.yu>
mailtext:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
This has been noticed as a bug on Tru64 UNIX,
first reported on v5.1. Looks like the bug is in OpenSSH
code and is not related to the particular version of Tru64.
I have a mail with a patch to the 3.7p1 codebase.
The patch is from Chris Adams. Either use it or download from CVS
(or latest snapshots):
Yes, setreuid() and setregid() do not work right on
Tru64. Here is a
patch for 3.7p1 (should also apply to 3.7.1p1 but I
haven't had a
chance
to test yet). This has also been submitted and should
appear in the
next version of OpenSSH.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet
Services
I don't speak for anybody but myself - that's enough
trouble.
diff -urN openssh-3.7p1-dist/auth-sia.c
openssh-3.7p1/auth-sia.c
--- openssh-3.7p1-dist/auth-sia.c Mon Jun 2 19:25:48
2003
+++ openssh-3.7p1/auth-sia.c Tue Sep 16 14:02:56 2003
@@ -80,6 +80,7 @@
{
SIAENTITY *ent = NULL;
const char *host;
+ uid_t uid;
host = get_canonical_hostname(options.use_dns);
@@ -103,8 +104,11 @@
sia_ses_release(&ent);
- if (setreuid(geteuid(), geteuid()) < 0)
- fatal("setreuid: %s", strerror(errno));
+ uid = geteuid();
+ if (setuid(0) < 0)
+ fatal("setuid: %s", strerror(errno));
+ if (setuid(uid) < 0)
+ fatal("setuid: %s", strerror(errno));
}
#endif /* HAVE_OSF_SIA */
diff -urN openssh-3.7p1-dist/configure
openssh-3.7p1/configure
--- openssh-3.7p1-dist/configure Tue Sep 16 01:19:17
2003
+++ openssh-3.7p1/configure Tue Sep 16 14:11:31 2003
@@ -4532,6 +4532,18 @@
EOF
cat >>confdefs.h <<\EOF
+#define SETEUID_BREAKS_SETUID 1
+EOF
+
+ cat >>confdefs.h <<\EOF
+#define BROKEN_SETREGID 1
+EOF
+
+ cat >>confdefs.h <<\EOF
+#define BROKEN_SETREUID 1
+EOF
+
+ cat >>confdefs.h <<\EOF
#define DISABLE_LOGIN 1
EOF
diff -urN openssh-3.7p1-dist/configure.ac
openssh-3.7p1/configure.ac
--- openssh-3.7p1-dist/configure.ac Tue Sep 16
00:48:15 2003
+++ openssh-3.7p1/configure.ac Tue Sep 16 14:03:51
2003
@@ -395,6 +395,9 @@
fi
AC_DEFINE(DISABLE_FD_PASSING)
AC_DEFINE(BROKEN_GETADDRINFO)
+ AC_DEFINE(SETEUID_BREAKS_SETUID)
+ AC_DEFINE(BROKEN_SETREUID)
+ AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin")
;;
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
best wishes, Rainer
| R.Schwierz@physik.tu-dresden.de |
| Rainer Schwierz, Inst. f. Kern- und Teilchenphysik |
| TU Dresden, D-01062 Dresden |
| Tel. ++49 351 463 32957 FAX ++49 351 463 33114 |
| http://iktp.tu-dresden.de/~schwierz/ |
- Previous message: Wakeman, Lindsay: "Tru64 4.0F PK8 - dependencies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
