Bug 319 - Privilege Separation failing on OSF1 v5.1
Summary: Privilege Separation failing on OSF1 v5.1
Status: CLOSED DUPLICATE of bug 296
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: -current
Hardware: Alpha OSF/1
: P2 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2002-06-29 01:41 AEST by Jim Wadell
Modified: 2004-04-14 12:24 AEST (History)
0 users

See Also:

Attachments
Sounds like an SIA issue w/ privsep. Does this fix it? (3.11 KB, patch)
2002-06-29 02:59 AEST, Ben Lindstrom 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jim Wadell 2002-06-29 01:41:12 AEST 
I build Version 3.4p1 using --with-tcp-wrappers on both IRIX 6.5.15 and OSF1 
v5.1. Priv Separation works fine on IRIX and connecting as root on OSF1. Normal 
user fails on OSF as follows running sshd -d -d -d

Messages from connecting machine

aku445 IRIX64 ssh -X aku214     
debug3: Trying to reverse map address 161.99.65.161.
cannot set login uid 202: error Not owner.
Couldn't establish session for wadelljs from aku445
debug1: Calling cleanup 0x12005153c(0x140030728)
debug3: mm_request_send entering: type 27
debug1: Calling cleanup 0x120068074(0x0)
debug1: channel_free: channel 0: server-session, nchannels 2
debug3: channel_free: status: The following connections are open:
  #0 server-session (t10 r0 i0/0 o0/0 fd -1/-1)

<snip>

From host:
<Snip>
debug1: server_input_channel_req: channel 0 request x11-req reply 0^M
debug1: session_by_channel: session 0 channel 0^M
debug1: session_input_channel_req: session 0 req x11-req^M
debug1: bind port 6010: Can't assign requested address^M
debug1: fd 11 setting O_NONBLOCK^M
debug2: fd 11 is O_NONBLOCK^M
debug1: channel 1: new [X11 inet listener]^M
debug1: server_input_channel_req: channel 0 request shell reply 0^M
debug1: session_by_channel: session 0 channel 0^M
debug1: session_input_channel_req: session 0 req shell^M
debug1: fd 4 setting TCP_NODELAY^M
debug1: channel 0: rfd 10 isatty^M
debug1: fd 10 setting O_NONBLOCK^M
debug2: fd 9 is O_NONBLOCK^M
debug1: Setting controlling tty using TIOCSCTTY.^M
Connection closed by remote host.^M
debug1: channel_free: channel 0: server-session, nchannels 2^M
debug3: channel_free: status: The following connections are open:^M
  #0 server-session (t4 r0 i0/43 o0/0 fd 10/9)^M
^M
debug3: channel_close_fds: channel 0: r 10 w 9 e -1^M
debug1: channel_free: channel 1: X11 inet listener, nchannels 1^M
debug3: channel_free: status: The following connections are open:^M


I tried setting user sshd as a member of group terminals, reseting protection 
of /dev/pts, etc.

Also, when loging in as user root, the log progresses to the line

debug1: Setting controlling tty using TIOCSCTTY.^M 

when the session is established.
Comment 1 Ben Lindstrom 2002-06-29 02:59:33 AEST 
Created attachment 120 [details]
Sounds like an SIA issue w/ privsep.  Does this fix it?
Comment 2 Jim Wadell 2002-06-29 05:13:48 AEST 
Give a link error 

/usr/bin/ld:
Unresolved:
mm_setup_sia

Cound not find a reference to the symbol anywhere?
Comment 3 Ben Lindstrom 2002-06-29 06:02:56 AEST 
Steve VanDevender and I are working through this patch.  I missed a few parts 
of it.  It is better, but still having issues.

I'll repost it when I have something in better condition.

- Ben
Comment 4 Jim Wadell 2002-06-29 06:43:58 AEST 
Thanks,
Comment 5 Ben Lindstrom 2002-07-18 07:34:15 AEST 

*** This bug has been marked as a duplicate of 296 ***
Comment 6 Damien Miller 2004-04-14 12:24:18 AEST 
Mass change of RESOLVED bugs to CLOSED