WITH_IRIX_AUDIT causes error (fwd)
Michael Stone
mstone at cs.loyola.edu
Fri Jul 21 12:06:18 EST 2000
On Fri, Jul 21, 2000 at 09:55:27AM +1000, Damien Miller wrote:
> I compiled and was able to run sshd. I started ssh as root and was able
> to get to my local host. I dropped down to a regular user and tried
> ssh again. I got the error
>
> error setting satid
Hmm. There should be more. (The relevant code in the patch was "error
setting satid: %.100s", strerror(errno). There should be a colon and
hopefully some more info.)
> I could see that if WITH_IRIX_AUDIT was not defined, the satsetid() call would not
> be made, and the error could be avoided. I looked for satsetid on my system
> and didn't find it. I am on Irix 6.4.
What is the output of the following (from the command line):
chkconfig | grep audit
sysconf | egrep AUDIT\|SAT
> 1) Is it still secure? (I'm guessing yes.)
Yes. The satid is only used for audit trails. (If you're using them, you
would know. They're really big :)
> 2) What should I install so that setsatid() is on my system?
For IRIX 6.4 it may be part of trusted IRIX. In IRIX 6.5 it's
eoe.sw.audit
> 3) Is there a better way for the configure to work, so as not to force this on?
Well, I've got a theory. The line that says
if (sysconf(_SC_AUDIT)) {
was based on the "here's how to make sure it works on all systems"
instructions. Serves me right to trust a manual. IRIX 6.4 probably
doesn't define _SC_AUDIT, and sysconf is returning -1 on error. Change
the above line to
if (sysconf(_SC_AUDIT) == 1) {
I'm interested in the sysconf output above because the flag we're
looking for might have had a different name in IRIX 6.4, which would
make the check something like
if (sysconf(_SC_AUDIT) == 1 || sysconf(_SC_SAT) == 1) {
--
Mike Stone
More information about the openssh-unix-dev
mailing list