IRIX 6.5.5m openssh-2.1.1p4 IRIX_AUDIT PROBLEM

Edwin Brown Edwin.Brown at sdrc.com
Wed Aug 2 22:46:45 EST 2000


There is an error when installing ssh as a non root user on 
SGI IRIX 6.5.5m. See the error below when negotiating connection:



---BEGIN ERROR LISTING---
ssh -c blowfish -P -v -p 3400 -X -i /usr/people/bozo/.ssh/identity -l bozo 1.2.3.4   
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /free/bozo/sgi/etc/ssh_config
debug: Applying options for *
debug: Seeding random number generator
debug: ssh_connect: getuid 82409 geteuid 82409 anon 1
debug: Connecting to 1.2.3.4 [1.2.3.4] port 3400.
debug: Connection established.
debug: Setting sat id to 82409
error setting satid: Operation not permitted
debug: Calling cleanup 0x1003ddc0(0x0)

---END ERROR LISTING---

The acutal error is generated from lines 89-95 of uidswap.c

---BEGIN UIDSWAP CODE---
    82  /*
    83   * Permanently sets all uids to the given uid.  This cannot be
    84   * called while temporarily_use_uid is effective.
    85   */
    86  void
    87  permanently_set_uid(uid_t uid)
    88  {
    89  #ifdef WITH_IRIX_AUDIT
    90          if (sysconf(_SC_AUDIT)) {
    91                  debug("Setting sat id to %d", (int) uid);
    92                  if (satsetid(uid))
    93                          fatal("error setting satid: %.100s", strerror(errno));
    94          }
    95  #endif /* WITH_IRIX_AUDIT */
    96
    97          if (setuid(uid) < 0)
    98                  debug("setuid %d: %.100s", (int) uid, strerror(errno));
    99  }
---BEGIN UIDSWAP CODE---

Here is a context diff patch for a generated config.h file

---BEGIN PATCH---

*** config.h    Wed Aug  2 14:37:08 2000
--- config.h.me Wed Aug  2 14:37:42 2000
***************
*** 41,47 ****
  #define WITH_IRIX_PROJECT 1
  
  /* Define if you want IRIX audit trails */
! #define WITH_IRIX_AUDIT 1
  
  /* Location of random number pool  */
  /* #undef RANDOM_POOL */
--- 41,47 ----
  #define WITH_IRIX_PROJECT 1
  
  /* Define if you want IRIX audit trails */
! /* #undef WITH_IRIX_AUDIT */
  
  /* Location of random number pool  */
  /* #undef RANDOM_POOL */

---END PATCH---


Shouldn't there actually be a --enable --disable switch for the IRIX stuff
or a --with-root-install switch to see if you are going to install as root?
Anyway. Hope this helps out. If I get around to it, I'll fix the configure.in 
stuff myself and send in the patches.


-Edwin


-- 
Ford Werke AG
D-NZ/FF-1C3P 			Voice:  (+49) 221 90 19848
Henry-Ford-Str. 1		FAX:    (+49) 221 90 19849
50725 Koeln			E-mail: Edwin.Brown at sdrc.com
Germany				PROFS:  ebrown16 at ford.com





More information about the openssh-unix-dev mailing list