[Bug 2856] key-options.sh fails when pty /dev/ttyp1 is not owned by testing user

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Oct 18 19:20:39 AEDT 2023 

https://bugzilla.mindrot.org/show_bug.cgi?id=2856

--- Comment #7 from Taketo Kabe <openssh at vega.pgw.jp> ---
openssh-9.5p1 still has trouble when testing on my old, old box
(NetBSD-1.6.2)

% make SHELL=/bin/ksh TEST_SHELL=/bin/ksh LTESTS=key-options t-exec
...
 key option command="echo bar"
 key option no-pty,command="echo bar"
 key option pty default
 key option failed default
 key option pty no-pty
 key option pty restrict
 key option pty restrict,pty
 key option failed restrict,pty
 key option environment
 key option from="127.0.0.1"
 key option from="127.0.0.0/8"
 key option expiry-time default
 key option expiry-time invalid
 key option expiry-time expired
 key option expiry-time valid
 failed key options
 *** Error code 1

==== regress/failed-sshd.log
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
chown(/dev/ttyp3, 901, 4) failed: Operation not permitted
debug1: do_cleanup
debug1: session_pty_cleanup2: session 0 release /dev/ttyp3
Attempt to write login records by non-root user (aborting)
debug3: mm_pty_allocate: waiting for MONITOR_ANS_PTY
debug3: mm_request_receive_expect: entering, type 29
debug3: mm_request_receive: entering
debug1: do_cleanup
FAIL: key option failed restrict,pty
...
====


This box has openpty(3), so $skip_pty in regress/key-options.sh is
not set, and tries to run failing tests and fail.

Local workaround:
===== regress/key-options.sh
# Allocating ptys can require privileges on some platforms.
skip_pty=""
if ! config_defined HAVE_OPENPTY && [ "x$SUDO" = "x" ]; then
        skip_pty="no openpty(3) and SUDO not set"
fi
skip_pty="have openpty, but sshd cannot chown" #<<<< add this line
=====

Of course this is not a fix. This box does not have sudo either.
I don't think complete support of this box in current OpenSSH is
feasible.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list