Call for testing: OpenSSH-5.9
Kevin Brott
kevin.brott at gmail.com
Wed Aug 24 03:37:00 EST 2011
On Sat, Aug 20, 2011 at 22:31, Tim Rice <tim at multitalents.net> wrote:
> On Fri, 19 Aug 2011, Kevin Brott wrote:
>
> > using: openssh-SNAP-20110820.tar.gz
> >
> > HP-UX (11.11 -> 11.31) using both gcc and HP C/C++ still failing 'make
> > tests' here
> > *ssh privsep/sandbox+proxyconnect protocol 2 failed*
> >
> > All other tested systems (RH 6.2, 8.0, RHEL 2.1->6.0, FC2, Ubuntu
> > 8.04,10.10, AIX 5.2->7.1) are OK.
>
> Please send the output of 'grep "#define SANDBOX" config.h' from
> each of your test machines.
>
>
HP-UX 11.11 - 11.31 all the same:
---BEGIN---
#define SANDBOX_RLIMIT 1
---END---
> And please test the following patch.
> ----------------
> --- sandbox-rlimit.c.old 2011-06-23 06:58:32.529017003 -0700
> +++ sandbox-rlimit.c 2011-08-20 19:09:35.780772002 -0700
> @@ -61,13 +61,15 @@
> ssh_sandbox_child(struct ssh_sandbox *box)
> {
> struct rlimit rl_zero;
> + struct rlimit rl_one;
>
> rl_zero.rlim_cur = rl_zero.rlim_max = 0;
> + rl_one.rlim_cur = rl_one.rlim_max = 1;
>
> if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
> fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
> __func__, strerror(errno));
> - if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
> + if (setrlimit(RLIMIT_NOFILE, &rl_one) == -1)
> fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
> __func__, strerror(errno));
> #ifdef HAVE_RLIMIT_NPROC
> ----------------
>
Manually applied patched lines - 'make tests' still fails in same place on
all three systems.
Note: I had to manually apply the patched lines - as this segment gets
rejected applying against the 20110820 and 20110824 SNAPs.
--
# include <stddisclaimer.h>
/* Kevin Brott <Kevin.Brott at gmail.com> */
More information about the openssh-unix-dev
mailing list