Testing call.

Peter Stuge stuge at cdy.org
Sat Jun 22 16:22:12 EST 2002 

On Fri, Jun 21, 2002 at 11:44:14AM -0500, Ben Lindstrom wrote:
> 
> Look at the 3.3 release instead of the snapshot.

On an old libc5 Linux system of mine, privsep doesn't work.  Kernel 2.4.18.
3.3p1 client on more modern Linux system (where privsep'd sshd works fine)

OpenSSH has been configured with the following options:
                     User binaries: /usr/local/bin
                   System binaries: /usr/local/sbin
               Configuration files: /usr/local/etc
                   Askpass program: /usr/local/libexec/ssh-askpass
                      Manual pages: /usr/local/man/manX
                          PID file: /var/run
  Privilege separation chroot path: /var/empty
            sshd default user PATH:
/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
                    Manpage format: doc
                       PAM support: no
                KerberosIV support: no
                 KerberosV support: no
                 Smartcard support: no
                       AFS support: no
                     S/KEY support: no
              TCP Wrappers support: no
              MD5 password support: no
       IP address in $DISPLAY hack: no
          Use IPv4 by default hack: no
           Translate v4 in v6 hack: yes
                  BSD Auth support: no
              Random number source: OpenSSL internal ONLY

              Host: i686-pc-linux-gnulibc1
          Compiler: gcc
    Compiler flags: -g -O2 -Wall -Wpointer-arith -Wno-uninitialized
Preprocessor flags: -I/usr/local/ssl/include 
      Linker flags: -L/usr/local/ssl/lib 
         Libraries:   -lbsd -lz  -lcrypto  


:/local/openssh# ./sshd -d -d -d
debug1: sshd version OpenSSH_3.3
debug3: Not a RSA1 key file /usr/local/etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /usr/local/etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from x.x.x.x port y
debug1: Client protocol version 2.0; client software version OpenSSH_3.3
debug1: match: OpenSSH_3.3 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.3
debug2: Network child is on pid 21604
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: privsep user:group 53:53
initgroups: No such file or directory
my_extra_debug: getuid=0 geteuid=0 getgid=53 getegid=53
my_extra_debug: pw->pw_name='sshd' pw->pw_gid=53
debug1: Calling cleanup 0x806aa88(0x0)


my_extra debug is between the perror() and exit() at session.c:1185


Also, misc.c failed to compile because TCP_NODELAY wasn't defined in
<netinet/ip_tcp.h> but only in <linux/tcp.h> - I copied the define to
netinet/ip_tcp.h to solve this.


privsep might not working because of a very broken system, like I said, it's
an old system that I've upgraded bit by bit now and then.  But initgroups()
still shouldn't fail.

Unfortunately I can't strace either, the process gets signal 11 then.

A simple test program doing initgroups() with the same parameters as sshd
works fine.

Any ideas?


//Peter

More information about the openssh-unix-dev mailing list