openssh bugs - Jul 2007 - [Bug 1344] New: DISABLE_FD_PASSING does not work if sshd invoked by inetd

http://bugzilla.mindrot.org/show_bug.cgi?id=1344

           Summary: DISABLE_FD_PASSING does not work if sshd invoked by
                    inetd
           Product: Portable OpenSSH
           Version: 4.6p1
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: kraai at ftbfs.org


If DISABLE_FD_PASSING is defined and sshd is invoked by inetd, the
connection is closed immediately.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

http://bugzilla.mindrot.org/show_bug.cgi?id=1344





--- Comment #1 from Matt Kraai <kraai at ftbfs.org>  2007-07-22 05:21:58
---
Created an attachment (id=1329)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1329)
Initialize use_privsep based on DISABLE_FD_PASSING

The attached patch fixes the problem by initializing use_privsep based
on DISABLE_FD_PASSING.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

http://bugzilla.mindrot.org/show_bug.cgi?id=1344


Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at zip.com.au




--- Comment #2 from Darren Tucker <dtucker at zip.com.au>  2007-07-22
13:06:09 ---
(In reply to comment #1)
> Created an attachment (id=1329)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1329)
[details]
> Initialize use_privsep based on DISABLE_FD_PASSING
> 
> The attached patch fixes the problem by initializing use_privsep based
> on DISABLE_FD_PASSING.
This does not seem to be a general problem: on Linux, at least, an sshd
built with DISABLE_FD_PASSING still works with inetd mode.  It would be
interesting to know if there's a problem on the other platforms that
normally set DISABLE_FD_PASSING.

Could you please provide the debug output from sshd, either by setting
"LogLevel debug3" in sshd_config and collecting the messages from
wherever syslog puts them, or by running sshd in inetd mode as a
proxycommand, eg

   ssh -o "ProxyCommand sudo /usr/local/sbin/sshd -ddde -i" yourserver

Thanks.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

http://bugzilla.mindrot.org/show_bug.cgi?id=1344





--- Comment #3 from Matt Kraai <kraai at ftbfs.org>  2007-07-22 14:36:26
---
(In reply to comment #2)
> (In reply to comment #1)
> > Created an attachment (id=1329)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1329) [details]
[details]
> > Initialize use_privsep based on DISABLE_FD_PASSING
> > 
> > The attached patch fixes the problem by initializing use_privsep based
> > on DISABLE_FD_PASSING.
> 
> This does not seem to be a general problem: on Linux, at least, an sshd
> built with DISABLE_FD_PASSING still works with inetd mode.  It would be
> interesting to know if there's a problem on the other platforms that
> normally set DISABLE_FD_PASSING.
> 
> Could you please provide the debug output from sshd, either by setting
> "LogLevel debug3" in sshd_config and collecting the messages from
> wherever syslog puts them, or by running sshd in inetd mode as a
> proxycommand, eg
> 
>    ssh -o "ProxyCommand sudo /usr/local/sbin/sshd -ddde -i"
yourserver
I won't have access to a QNX system until Monday, but I'll check it out
then.  Thanks for the help.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

http://bugzilla.mindrot.org/show_bug.cgi?id=1344


Matt Kraai <kraai at ftbfs.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID




--- Comment #4 from Matt Kraai <kraai at ftbfs.org>  2007-07-24 16:02:24
---
(In reply to comment #2)
> This does not seem to be a general problem: on Linux, at least, an sshd
> built with DISABLE_FD_PASSING still works with inetd mode.  It would be
> interesting to know if there's a problem on the other platforms that
> normally set DISABLE_FD_PASSING.
You're right, it was user error.  I hadn't created the sshd group and
user.  Once I did so (and applied the patch for bug 1343), I was able
to log in successfully.  Thanks for the help.


-- 
Configure bugmail: http://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1344


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added                       
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED                      




--- Comment #5 from Damien Miller <djm at mindrot.org>  2008-04-04
10:00:17 ---
Close resolved bugs after release.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.