IRIX 6.5.5m openssh-2.1.1p4 IRIX_AUDIT PROBLEM
Edwin Brown
Edwin.Brown at sdrc.com
Wed Aug 2 22:46:45 EST 2000
There is an error when installing ssh as a non root user on
SGI IRIX 6.5.5m. See the error below when negotiating connection:
---BEGIN ERROR LISTING---
ssh -c blowfish -P -v -p 3400 -X -i /usr/people/bozo/.ssh/identity -l bozo 1.2.3.4
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /free/bozo/sgi/etc/ssh_config
debug: Applying options for *
debug: Seeding random number generator
debug: ssh_connect: getuid 82409 geteuid 82409 anon 1
debug: Connecting to 1.2.3.4 [1.2.3.4] port 3400.
debug: Connection established.
debug: Setting sat id to 82409
error setting satid: Operation not permitted
debug: Calling cleanup 0x1003ddc0(0x0)
---END ERROR LISTING---
The acutal error is generated from lines 89-95 of uidswap.c
---BEGIN UIDSWAP CODE---
82 /*
83 * Permanently sets all uids to the given uid. This cannot be
84 * called while temporarily_use_uid is effective.
85 */
86 void
87 permanently_set_uid(uid_t uid)
88 {
89 #ifdef WITH_IRIX_AUDIT
90 if (sysconf(_SC_AUDIT)) {
91 debug("Setting sat id to %d", (int) uid);
92 if (satsetid(uid))
93 fatal("error setting satid: %.100s", strerror(errno));
94 }
95 #endif /* WITH_IRIX_AUDIT */
96
97 if (setuid(uid) < 0)
98 debug("setuid %d: %.100s", (int) uid, strerror(errno));
99 }
---BEGIN UIDSWAP CODE---
Here is a context diff patch for a generated config.h file
---BEGIN PATCH---
*** config.h Wed Aug 2 14:37:08 2000
--- config.h.me Wed Aug 2 14:37:42 2000
***************
*** 41,47 ****
#define WITH_IRIX_PROJECT 1
/* Define if you want IRIX audit trails */
! #define WITH_IRIX_AUDIT 1
/* Location of random number pool */
/* #undef RANDOM_POOL */
--- 41,47 ----
#define WITH_IRIX_PROJECT 1
/* Define if you want IRIX audit trails */
! /* #undef WITH_IRIX_AUDIT */
/* Location of random number pool */
/* #undef RANDOM_POOL */
---END PATCH---
Shouldn't there actually be a --enable --disable switch for the IRIX stuff
or a --with-root-install switch to see if you are going to install as root?
Anyway. Hope this helps out. If I get around to it, I'll fix the configure.in
stuff myself and send in the patches.
-Edwin
--
Ford Werke AG
D-NZ/FF-1C3P Voice: (+49) 221 90 19848
Henry-Ford-Str. 1 FAX: (+49) 221 90 19849
50725 Koeln E-mail: Edwin.Brown at sdrc.com
Germany PROFS: ebrown16 at ford.com
More information about the openssh-unix-dev
mailing list