Hello Porters,
I am attempting to compile OpenSSH 2.9.9p2 on a Dynix V4.4.4 host.
I have set USE_PIPES and BROKEN_SAVED_UIDS (the latter because there are
no functions for set{eu,eg}id() that I can find). I configured with
"./configure '--with-libs=-lnsl -lsec'".
Each time I attempt to login, I get this error:
No utmp entry. You must exec "login" from the lowest level
"sh".
The Dynix man page for login (1) states:
No utmp entry. You must exec "login" from the lowest level
"sh"
You attempted to execute login as a command without
using the shell's exec internal command or from other
than the initial shell.
A "truss -aef" tells me that login is being execl'd like:
27066: execve("/bin/login", 0x080470FC, 0x0815F6CC) argc =
7
27066: argv: login -h <IP> -p -f -- phess
27066: envp: TZ=BST11 SSH_CLIENT=<IP> 1471 22
SSH_TTY=/dev/pts/31
27066: TERM=vt100
Do you have any ideas what I can define in order to fix this problem?
I also found what I believe might be a bug in uidswap.c at line 88. It
used to look like:
-----
#ifndef SAVED_IDS_WORK_WITH_SETEUID
/* Propagate the privileged gid to all of our gids. */
if (setgid(getegid()) < 0)
debug("setgid %u: %.100s", (u_int) getegid(),
strerror(errno));
/* Propagate the privileged uid to all of our uids. */
if (setuid(geteuid()) < 0)
debug("setuid %u: %.100s", (u_int) geteuid(),
strerror(errno));
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
if (setegid(pw->pw_gid) < 0)
fatal("setegid %u: %.100s", (u_int) pw->pw_gid,
strerror(errno));
if (seteuid(pw->pw_uid) == -1)
fatal("seteuid %u: %.100s", (u_int) pw->pw_uid,
strerror(errno));
-----
It now looks like:
-----
#ifdef SAVED_IDS_WORK_WITH_SETEUID
if (setegid(pw->pw_gid) < 0)
fatal("setegid %u: %.100s", (u_int) pw->pw_gid,
strerror(errno));
if (seteuid(pw->pw_uid) == -1)
fatal("seteuid %u: %.100s", (u_int) pw->pw_uid,
strerror(errno));
#else /* SAVED_IDS_WORK_WITH_SETEUID */
/* Propagate the privileged gid to all of our gids. */
if (setgid(getegid()) < 0)
debug("setgid %u: %.100s", (u_int) getegid(),
strerror(errno));
/* Propagate the privileged uid to all of our uids. */
if (setuid(geteuid()) < 0)
debug("setuid %u: %.100s", (u_int) geteuid(),
strerror(errno));
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
-----
Otherwise, I've made no changes.
Thanks in advance.
--
Best regards,
Patrick mailto:phess at best.com
have you tried using LOGIN_NEEDS_UTMPX ? Patrick Hess wrote:> > Hello Porters, > > I am attempting to compile OpenSSH 2.9.9p2 on a Dynix V4.4.4 host. > I have set USE_PIPES and BROKEN_SAVED_UIDS (the latter because there are > no functions for set{eu,eg}id() that I can find). I configured with > "./configure '--with-libs=-lnsl -lsec'". > > Each time I attempt to login, I get this error: > > No utmp entry. You must exec "login" from the lowest level "sh". > > The Dynix man page for login (1) states: > > No utmp entry. You must exec "login" from the lowest level "sh" > You attempted to execute login as a command without > using the shell's exec internal command or from other > than the initial shell. > > A "truss -aef" tells me that login is being execl'd like: > > 27066: execve("/bin/login", 0x080470FC, 0x0815F6CC) argc = 7 > 27066: argv: login -h <IP> -p -f -- phess > 27066: envp: TZ=BST11 SSH_CLIENT=<IP> 1471 22 SSH_TTY=/dev/pts/31 > 27066: TERM=vt100 > > Do you have any ideas what I can define in order to fix this problem? > > I also found what I believe might be a bug in uidswap.c at line 88. It > used to look like: > > ----- > #ifndef SAVED_IDS_WORK_WITH_SETEUID > /* Propagate the privileged gid to all of our gids. */ > if (setgid(getegid()) < 0) > debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); > /* Propagate the privileged uid to all of our uids. */ > if (setuid(geteuid()) < 0) > debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); > #endif /* SAVED_IDS_WORK_WITH_SETEUID */ > if (setegid(pw->pw_gid) < 0) > fatal("setegid %u: %.100s", (u_int) pw->pw_gid, > strerror(errno)); > if (seteuid(pw->pw_uid) == -1) > fatal("seteuid %u: %.100s", (u_int) pw->pw_uid, > strerror(errno)); > ----- > > It now looks like: > > ----- > #ifdef SAVED_IDS_WORK_WITH_SETEUID > if (setegid(pw->pw_gid) < 0) > fatal("setegid %u: %.100s", (u_int) pw->pw_gid, > strerror(errno)); > if (seteuid(pw->pw_uid) == -1) > fatal("seteuid %u: %.100s", (u_int) pw->pw_uid, > strerror(errno)); > #else /* SAVED_IDS_WORK_WITH_SETEUID */ > /* Propagate the privileged gid to all of our gids. */ > if (setgid(getegid()) < 0) > debug("setgid %u: %.100s", (u_int) getegid(), strerror(errno)); > /* Propagate the privileged uid to all of our uids. */ > if (setuid(geteuid()) < 0) > debug("setuid %u: %.100s", (u_int) geteuid(), strerror(errno)); > #endif /* SAVED_IDS_WORK_WITH_SETEUID */ > ----- > > Otherwise, I've made no changes. > > Thanks in advance. > > -- > Best regards, > Patrick mailto:phess at best.com-- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com, 651-605-9154
USE_UTMP and USE_UTMPX and USE_WTMP are set in config.h (correctly). UseLogin is just a variable to allow sshd to ignore /etc/nologin. Just FYI, it's not set. Patrick Wendy Palm once said:> well, that resolved my problem on the cray. i'm afraid i hit > my knowledge limit on that. > there's also "USE_UTMP", maybe it additionally needs that? > > is your UseLogin set or not? > > -- > wendy palm > Cray OS Sustaining Engineering, Cray Inc. > wendyp at cray.com, 651-605-9154 >