openssh bugs - Sep 2008 - [Bug 1524] New: Problem with non-interactive logins and bash on Solaris

https://bugzilla.mindrot.org/show_bug.cgi?id=1524

           Summary: Problem with non-interactive logins and bash on
                    Solaris
           Product: Portable OpenSSH
           Version: 5.1p1
          Platform: UltraSparc
        OS/Version: Solaris
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: chris.oregan at gmail.com


We just upgraded OpenSSH on our Solaris systems from 4.7p1 to 5.1p1.
Now bash no longer executes .bashrc when a user starts a
non-interactively ssh session. Note that this is for Solaris 9 and 10.
>From the bash man page (under INVOCATION):
"When bash is started non-interactively, to run a shell script, for
example, it looks for the variable BASH_ENV in the environment, expands
its value if it appears there, and uses the expanded value as the name
of a file to read and execute."

If I set BASH_ENV in ~/.ssh/environment (and set PermitUserEnvironment
to "yes" in sshd_config) then I can run any file I specify. Setting
this option, however, does not sound safe for normal use.

"Bash attempts to determine when it is being run by the remote shell
daemon, usually rshd. If bash determines it is being run by rshd, it
reads and executes commands from ~/.bashrc, if that file exists and is
readable."

I have tried several versions of bash including the latest (v3.2) and
all exhibit the problem with OpenSSH 5.1p1; .bashrc should run but it
doesn't. This leads me to believe that OpenSSH is the culprit.

Interactive login sessions work fine; bash runs .bash_profile as per
the INVOCATION section. Also works fine with older versions of OpenSSH.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1524


Knut Omang <knuto at paradial.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |knuto at paradial.com




--- Comment #1 from Knut Omang <knuto at paradial.com>  2008-10-16
05:40:35 ---
I experience what seems to be the same problem on Fedora Core 9,

version: openssh-5.1p1-2.fc9

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1524


Tomas Mraz <t8m at centrum.cz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |t8m at centrum.cz




--- Comment #2 from Tomas Mraz <t8m at centrum.cz>  2008-10-16 07:35:01
---
The current openssh server uses pipes instead of sockets to communicate
with the shell. bash recognized stdin as socket and called .bashrc in
this case. With pipe as stdin the bash runs as any other
non-interactive shell and doesn't read .bashrc.
There is also possibility to recompile bash so it recognizes ssh
through the environment variable SSH_CLIENT.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1524

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Status|NEW                         |RESOLVED
         Resolution|                            |WONTFIX

--- Comment #3 from Damien Miller <djm at mindrot.org>  ---
The problem here is bash making an unwarranted assumption about the
environment it operated in. OpenSSH has always used either pipes or
socketpairs depending on the operating system it was running on, so
bash's assumption was incorrect for platforms other than Linux anyway.

Apparently there is compile-time flag that one can set for bash that
resolves the problem:
https://bugzilla.redhat.com/attachment.cgi?id=321287&action=diff (I
haven't tried it)

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=1524

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #4 from Damien Miller <djm at mindrot.org> 2011-01-24 12:33:40
EST ---
Move resolved bugs to CLOSED after 5.7 release

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.