[Bug 3512] net-misc/openssh-9.1_p1: stopped accepting connections after upgrade to sys-libs/glibc-2.36 (fatal: ssh_sandbox_violation: unexpected system call)
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Jan 3 15:45:04 AEDT 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3512
--- Comment #10 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Sam James from comment #8)
> I assume it is, but to check, given you're running a pretty old
> kernel and I don't have every single quirk memorised..
>
> 1. What does `grep -rsin "#define.*234" /usr/include/asm` return?
tgkill on amd64 as per comment#7
> 2. Could you possibly try to run the ssh client under gdb until it
> dies, then get a backtrace?
That should work, but since the violation happens in a subprocess of
the main sshd you'll need to set follow-fork-mode to "child". After
removing write from the sandbox allowlist:
$ sudo gdb -q --args `pwd`/sshd -ddd -p 2222
Reading symbols from
/home/dtucker/openssh/upstream/openssh/build/linux/sshd...
(gdb) set follow-fork child
(gdb) break ssh_sandbox_violation
Breakpoint 1 at 0xb834: file ../../sandbox-seccomp-filter.c, line 378.
(gdb) run
[... debug output elided ...]
Thread 2.1 "sshd" received signal SIGSYS, Bad system call.
[Switching to Thread 0x7ffff7f451c0 (LWP 1394237)]
0x00007ffff7701977 in write () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff7701977 in write () from /lib64/libc.so.6
#1 0x00005555555dcecf in atomicio6 (f=0x7ffff7701960 <write>, fd=7,
[... backtrace elided ...]
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list