bugzilla-daemon at bugzilla.mindrot.org
2019-Nov-13 12:01 UTC
[Bug 3093] New: Unbreak seccomp filter with latest glibc
https://bugzilla.mindrot.org/show_bug.cgi?id=3093 Bug ID: 3093 Summary: Unbreak seccomp filter with latest glibc Product: Portable OpenSSH Version: 8.1p1 Hardware: Other OS: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: jjelen at redhat.com Created attachment 3339 --> https://bugzilla.mindrot.org/attachment.cgi?id=3339&action=edit proposed patch The OpenSSH with latest Fedora fails to login users because of seccomp is killing it. This is caused by recent change in glibc and change of implementation of nanosleep, which is affecting privsep child. For more information, see the Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=1771946 The attached patch should address this issue (I will give it some more testing). -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-Nov-13 12:22 UTC
[Bug 3093] Unbreak seccomp filter with latest glibc
https://bugzilla.mindrot.org/show_bug.cgi?id=3093 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Blocks| |3079 Status|NEW |RESOLVED CC| |dtucker at dtucker.net --- Comment #1 from Darren Tucker <dtucker at dtucker.net> --- Applied, thanks. Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=3079 [Bug 3079] Tracking bug for 8.2 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2020-Feb-02 23:53 UTC
[Bug 3093] Unbreak seccomp filter with latest glibc
https://bugzilla.mindrot.org/show_bug.cgi?id=3093 Jakub Jelen <jjelen at redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |--- --- Comment #2 from Jakub Jelen <jjelen at redhat.com> --- It looks like there is one more syscall needed with the current glibc on ARM, which is clock_gettime64. Please, consider adding also this one. For more information, there is another red hat bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1796267 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2020-Feb-03 08:41 UTC
[Bug 3093] Unbreak seccomp filter with latest glibc
https://bugzilla.mindrot.org/show_bug.cgi?id=3093 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |FIXED CC| |djm at mindrot.org --- Comment #3 from Damien Miller <djm at mindrot.org> --- Added - thanks -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 04:57 UTC
[Bug 3093] Unbreak seccomp filter with latest glibc
https://bugzilla.mindrot.org/show_bug.cgi?id=3093 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #4 from Damien Miller <djm at mindrot.org> --- closing resolved bugs as of 8.6p1 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.