Problem with Sol8 and LDAP
Lacoss-Arnold, Jason
Jason.Lacoss-Arnold at AGEDWARDS.com
Wed Feb 20 00:11:09 EST 2002
You have to be root on Solaris to truss a setuid executable (which ssh is).
So try (as root):
root at tao[!] -> truss ssh -l treno -v
Thanks,
--Jason Lacoss-Arnold, Systems Technical Specialist
Technical Services - Unix Arch.
314-955-8501
-----Original Message-----
From: Roberto Bertucci [mailto:roberto.bertucci at netscalibur.it]
Sent: Tuesday, February 19, 2002 3:51
To: Ed Phillips
Cc: OpenSSH Development
Subject: Re: Problem with Sol8 and LDAP
Thank you for your answer.
I took a little time to update Solaris to the last recommended patch level
(rel. 04 Feb 2002).
The problem is still here.
User treno (this is me) is connected via telnet and authenticated against
LDAP server (netscape 4.1).
Even a truss is not useful:
treno at tao[!] -> truss ssh -v
truss: cannot trace set-id or unreadable object file: /usr/local/bin/ssh
I am attaching pam.conf and nsswitch.conf
Thank you,
RB
At 09.31 18/02/2002 -0500, Ed Phillips wrote:
>On Mon, 18 Feb 2002, Roberto Bertucci wrote:
>
> > Date: Mon, 18 Feb 2002 10:39:29 +0100
> > From: Roberto Bertucci <roberto.bertucci at netscalibur.it>
> > To: openssh-unix-dev at mindrot.org
> > Subject: Problem with Sol8 and LDAP
> >
> > Hi, i am experiencing a problem with ssh 3.0.2.p1 running on Solaris
2.8.
>
>What patches do you have installed for Sol8? Did you install all of the
>recommended patches along with relevent LDAP/PAM patches? What does your
>/etc/nsswitch.conf look like? What does /etc/pam.conf look like?
>
> > Everything works fine with local users (i.e. with local passwd and
shadow
> > entries). With LDAP authenticated users, i obtain:
> >
> > treno at tao[!] -> ssh -v
> > Segmentation Fault (core dumped)
>
>We need a little more than "core dumped" to be able to solve the
>problem... can you provide truss output? Is "treno" user a that is logged
>in via PAM+LDAP (there is an sshd process involved) or is this a user who
>is on the console trying to ssh out of the system?
>
> > The probem is the same with 2.x releases.
>
>I've never seen the client dump core like this, even on a system that has
>PAM configured to use LDAP.
>
> Ed
>
>Ed Phillips <ed at udel.edu> University of Delaware (302) 831-6082
>Systems Programmer III, Network and Systems Services
>finger -l ed at polycut.nss.udel.edu for PGP public key
***************************************************************************************
WARNING: All e-mail sent to and from this address will be received or
otherwise recorded by the A.G. Edwards corporate e-mail system and is
subject to archival, monitoring or review by, and/or disclosure to,
someone other than the recipient.
***************************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020219/e1cc3810/attachment.html
More information about the openssh-unix-dev
mailing list