[Bug 3512] net-misc/openssh-9.1_p1: stopped accepting connections after upgrade to sys-libs/glibc-2.36 (fatal: ssh_sandbox_violation: unexpected system call)

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jan 3 15:45:04 AEDT 2023


--- Comment #10 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Sam James from comment #8)
> I assume it is, but to check, given you're running a pretty old
> kernel and I don't have every single quirk memorised..
> 1. What does `grep -rsin "#define.*234" /usr/include/asm` return?

tgkill on amd64 as per comment#7

> 2. Could you possibly try to run the ssh client under gdb until it
> dies, then get a backtrace?

That should work, but since the violation happens in a subprocess of
the main sshd you'll need to set follow-fork-mode to "child".  After
removing write from the sandbox allowlist:

$ sudo gdb -q --args `pwd`/sshd -ddd -p 2222
Reading symbols from
(gdb) set follow-fork child
(gdb) break ssh_sandbox_violation
Breakpoint 1 at 0xb834: file ../../sandbox-seccomp-filter.c, line 378.
(gdb) run
[... debug output elided ...]

Thread 2.1 "sshd" received signal SIGSYS, Bad system call.
[Switching to Thread 0x7ffff7f451c0 (LWP 1394237)]
0x00007ffff7701977 in write () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff7701977 in write () from /lib64/libc.so.6
#1  0x00005555555dcecf in atomicio6 (f=0x7ffff7701960 <write>, fd=7,
[... backtrace elided ...]

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list