mike tancsa
2021-Oct-15 02:15 UTC
Disable tracing on FreeBSD using procctl. (OpenSSH Portable 8.8)
On 10/14/2021 10:04 PM, mike tancsa wrote:> On 10/14/2021 9:45 PM, Darren Tucker wrote: >> Did you start from a point where tracing is already disabled? I could >> imagine the second attempt to disable it failing because it was >> already disabled. >> >> If nothing else we should at least include the errno in the message >> when it fails: >> https://github.com/openssh/openssh-portable/commit/fff13aaa262b7b3ec83ed21e29674cbf331780a7 >> > > Building now, but I need to include string.h no ? > > On my RELENG_12 box (which is a jail) > > Oct 14 22:03:04 internal-sftp[20149]: fatal: unable to make the > process untraceable: No such process >OK, I think its related to these settings. On my RELENG_13 box, if I set these vals, the sftp fails sftp-server[22121]: fatal: unable to make the process untraceable: No such process ?sysctl -w security.bsd.see_other_uids=0 sysctl -w security.bsd.see_other_gids=0 ??? ---Mike
Darren Tucker
2021-Oct-15 02:32 UTC
Disable tracing on FreeBSD using procctl. (OpenSSH Portable 8.8)
On Fri, 15 Oct 2021 at 13:15, mike tancsa <mike at sentex.net> wrote: [...]> OK, I think its related to these settings. On my RELENG_13 box, if I set > these vals, the sftp fails > > sftp-server[22121]: fatal: unable to make the process untraceable: No > such process > > sysctl -w security.bsd.see_other_uids=0 > sysctl -w security.bsd.see_other_gids=0The call is: procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) The second argument is PID, presumably pid 0 is an alias for its own pid although the man page does not mention this. Does it work if you replace the 0 with getpid() ? -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.