Testing Call

Lacoss-Arnold, Jason Jason.Lacoss-Arnold at AGEDWARDS.com
Thu Jul 18 07:13:34 EST 2002


I hope to have time to test, but I have a quick question:

I caught the message that PAM is working for some transactions, but the last
patch I saw said that it still doesn't work for password changes.  Did I
miss a patch, or is that still broken?  We've got to choose a new version to
deploy enterprise-wide within the next week or two and I've got to decide if
we want to wait for 3.5 or go with 3.2 which IIRC was the last version with
a functional PAM.

Will it work if privsep is disabled and relavent sections of code
uncommented?

Thanks in advance,
--Jason

-----Original Message-----
From: Ben Lindstrom [mailto:mouring at etoh.eviladmin.org]
Sent: Wednesday, July 17, 2002 3:04 PM
To: OpenSSH Development
Subject: Testing Call



Ok.. I'm starting official testing calls early this release.  I'd like to
have more feedback and more time for handling fixes.

If people could test snapshots (http://www.openssh.org/portable.html, pick
your favorate mirror and select snapshots directory) and report failures
it would be useful.

For those with pmake install there is regress/ which you can try out.  It
may help any platform issues.  I know some platforms will outright fail
(AIX).  Hopefully post 3.5 we can look at supplying gnu make files.

For those that build packages for yourself/others from the contrib/
section also let us know what needs to be updated.  With the changes to
the Solaris/Sysv package that I think it needs to be retested on
non-solaris platforms (Tim, do you still have Daz's last patch to
buildpkg.sh so you could test under SCO or should I just commit it and we
can play cvs tag?).

Known issues:

1. Tru64 (OSF/1) w/ SIA still is broken under Privsep.  (For partial
privsep support change config.h /* #undef DISABLE_FD_PASSING */ to #define
DISABLE_FD_PASSING 1)  If we can't come up with a solution by 3.5 release
then I'll just set DISABLE_FD_PASSING for the 3.5 release.

The issue is how the SIA sessioning is getting horked.  And without
someone giving me a tru64 box or access (w/ root) for a few days it is
pretty much never going to be fixed.  Ya, I know.=)  I hate touching other
people's servers and even worse having root on them.

2. AIX (some version) stall on large data output.  Current CVS patch is
wrong and will be pulled unless an agreement can be made.

3. Any platform lacking mmap() will not have compression (Sorry fokes,
this is not an issue really..This is a fact of life.)  Those platforms
lacking a usable MAP_ANON should test the release.  It should fall back to
/dev/zero mmap() then back to sparse files.  NOTE:  The fall back is
runtime so if one could (gawd) compile and run OpenSSH on multiple kernel
release it should do the right thing.

4. NeXTStep is more than likely borken.  I'm pretty sure.=)  It lies about
having a mmap(). I'll look into it once I get my NeXT box back on the
network unless someone can fire off a simple patch to solve it.

5. Pam changes have not been merged.  So password changing is still
disabled.

I'm looking mostly for privsep issues.  If you have a platform that has an
issue with privsep and you are part of the main portable tree (uwin and
cray are excluded at this moment) it needs to be discussed or you'll be
suffering for another 4+ months.

Side notes:

uwin - You going to resend a patch againt -current for review?
cray - This weekend or next week. =)  I've promised this forever.  Let me
know what non-intrustive syncs we can do to lessen your tracking.


Lastly, I'd like to thank all of you for bearing with us during the last
few months.  I'm sure it is was frustrating to you as it is for us.=)

Let me state something right now.. *NO NEW FEATURES*  3.5 is a patch
release to stablize out every platform.  Don't suggest, don't push, don't
even THINK about thinking about suggestion new features.  I'm serious.
You will be ignored.


- Ben

_______________________________________________
openssh-unix-dev at mindrot.org mailing list
http://www.mindrot.org/mailman/listinfo/openssh-unix-dev


***********************************************************************************
WARNING:  All e-mail sent to and from this address will be received or
otherwise recorded by the A.G. Edwards corporate e-mail system and is
subject to archival, monitoring or review by, and/or disclosure to,
someone other than the recipient.
************************************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020717/5be8e351/attachment.html 


More information about the openssh-unix-dev mailing list