Call for testing: OpenSSH-5.9
Tim Rice
tim at multitalents.net
Sun Aug 21 15:31:08 EST 2011
On Fri, 19 Aug 2011, Kevin Brott wrote:
> using: openssh-SNAP-20110820.tar.gz
>
> HP-UX (11.11 -> 11.31) using both gcc and HP C/C++ still failing 'make
> tests' here
> *ssh privsep/sandbox+proxyconnect protocol 2 failed*
>
> All other tested systems (RH 6.2, 8.0, RHEL 2.1->6.0, FC2, Ubuntu
> 8.04,10.10, AIX 5.2->7.1) are OK.
Please send the output of 'grep "#define SANDBOX" config.h' from
each of your test machines.
And please test the following patch.
----------------
--- sandbox-rlimit.c.old 2011-06-23 06:58:32.529017003 -0700
+++ sandbox-rlimit.c 2011-08-20 19:09:35.780772002 -0700
@@ -61,13 +61,15 @@
ssh_sandbox_child(struct ssh_sandbox *box)
{
struct rlimit rl_zero;
+ struct rlimit rl_one;
rl_zero.rlim_cur = rl_zero.rlim_max = 0;
+ rl_one.rlim_cur = rl_one.rlim_max = 1;
if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
__func__, strerror(errno));
- if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
+ if (setrlimit(RLIMIT_NOFILE, &rl_one) == -1)
fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
__func__, strerror(errno));
#ifdef HAVE_RLIMIT_NPROC
----------------
Thanks
--
Tim Rice Multitalents (707) 456-1146
tim at multitalents.net (707) 887-1469
More information about the openssh-unix-dev
mailing list