Displaying 20 results from an estimated 32 matches for "closefrom".
2011 Mar 04
3
[Bug 1875] New: Gentoo QA warning: net-misc/openssh-5.8_p1-r1: closefromtest.c:46: warning: implicit declaration of function ‘closefrom’
https://bugzilla.mindrot.org/show_bug.cgi?id=1875
Summary: Gentoo QA warning: net-misc/openssh-5.8_p1-r1:
closefromtest.c:46: warning: implicit declaration of
function ?closefrom?
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: Build sys...
2017 Feb 20
3
[Bug 2681] New: postauth processes to log via monitor
...ocess will not be able
to open its own /dev/log (generally in chroot).
How does it work?
We are trying to solve this problem on two fronts:
- In do_child, we check if the /dev/log is available in the chroot and
if not, we "leak the FD" to the internal-sftp process. We also postpone
the closefrom() call after the internal-sftp call.
- In privsep_postauth(), we have the same check (it could be probably
written more nicely) which takes care of setting up log FDs going
through the monitor.
The idea is that this change should not modify behavior of the existing
setup in case the /dev/log is a...
2004 Aug 20
1
problem compiling OpenSSH 3.9 on OpenBSD 3.4
...-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o
auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o
-L/usr/src/usr.bin/ssh/sshd/../lib/obj -lssh -lgssapi -lkrb5 -lkafs
-lcrypto -lutil -lz -ldes -lwrap
sshd.o: In function `main':
sshd.o(.text+0x1ed4): undefined reference to `closefrom'
sshd.o(.text+0x1ee4): undefined reference to `closefrom'
collect2: ld returned 1 exit status
*** Error code 1
Stop in /usr/src/usr.bin/ssh/sshd (line 122 of
/usr/share/mk/bsd.prog.mk).
*** Error code 1
Stop in /usr/src/usr.bin/ssh.
What did I screw up?
-peter
2006 Aug 14
4
too many close calls for non-opened fds
...ello All,
I'm using OpenSSH 4.3p2 in HP-UX 11.23. On running tusc (a tool to trace
system calls and signals) on sshd, I found lot of close calls upto 2047.
Those close calls try to close a non-opened file descriptor and results in
an error. This behaviour is seen only from OpenSSH 3.9 where closefrom()
call is introduced to close the file descriptors before re-exec. The fix is
to check the resource limits before calling close(), but the comment in
source code (bsd-closefrom.c) says that it is not recommended to check the
resource limits. Is there anyway to fix this too many close() calls w...
2010 Sep 03
1
TinycoreLinux Install
...e:15618: g++ -o conftest -g -O2 conftest.cpp >&5
configure:15618: $? = 0
configure:15618: result: yes
configure:15618: checking for sysconf
configure:15618: g++ -o conftest -g -O2 conftest.cpp >&5
configure:15618: $? = 0
configure:15618: result: yes
configure:15632: checking for closefrom
configure:15632: g++ -o conftest -g -O2 conftest.cpp >&5
/tmp/ccsp771p.o: In function `main':
/mnt/hdd1/search/xapian/xapian/conftest.cpp:65: undefined reference to `closefrom'
collect2: ld returned 1 exit status
configure:15632: $? = 1
configure: failed program was:
| /* confdefs...
2018 Jan 08
3
SFTP chroot: Writable root
On Sun, 2018-01-07 at 18:41 +0000, halfdog wrote:
> Hello list,
>
> I created a page to demonstrate, what would happen when chroot
> root directory is writeable. In fact, code execution is possible
> already, when only /etc and /bin are writable. I also tried to
> escape the chroot jail, but that did not work for non-root users.
>
> As the 2009 CVE activities mention,
2020 Oct 06
0
[Announce] Samba 4.11.14 Available for Download
...with a RFC4511 section 4.4.1
response.
o Laurent Menase <laurent.menase at hpe.com>
* BUG 14388: winbind: Fix a memleak.
o Stefan Metzmacher <metze at samba.org>
* BUG 14465: idmap_ad: Pass tldap debug messages on to DEBUG().
* BUG 14482: lib/replace: Move lib/replace/closefrom.c from
ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE.
o Martin Schwenke <martin at meltin.net>
* BUG 14466: ctdb disable/enable can fail due to race condition.
#######################################
Reporting bugs & Development Discussion
######################################...
2020 Oct 06
0
[Announce] Samba 4.11.14 Available for Download
...with a RFC4511 section 4.4.1
response.
o Laurent Menase <laurent.menase at hpe.com>
* BUG 14388: winbind: Fix a memleak.
o Stefan Metzmacher <metze at samba.org>
* BUG 14465: idmap_ad: Pass tldap debug messages on to DEBUG().
* BUG 14482: lib/replace: Move lib/replace/closefrom.c from
ROKEN_HOSTCC_SOURCE to REPLACE_HOSTCC_SOURCE.
o Martin Schwenke <martin at meltin.net>
* BUG 14466: ctdb disable/enable can fail due to race condition.
#######################################
Reporting bugs & Development Discussion
######################################...
2007 Dec 31
0
[Bug 1007] sftp client hangs on tru64 5.1A
...(id=1431)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1431)
Make ssh-rand-helper close all fds above STDERR
Random thought: I wonder if some commands are making unwarranted
assumptions about the descriptors they inherit?
The down side of this is one systems that don't have a native closefrom
or equivalent is that the equivalent close calls are going to be
relatively slow (but only required once).
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching someone on...
2008 Mar 20
1
ForceCommand and ~/.ssh/rc
Hi,
As I understand the "ForceCommand" in the sshd_confing file is meant to
ignore any command supplied by the client, but if user's home is shared by
server and client machines over network (ex. NFS) then user can still put
something else into ~/.ssh/rc file and overcome this limitation. Is it
possible to disable execution of the ~/.ssh/rc file in such a case?
Thaks,
Mike
2007 Jul 25
3
[Bug 1345] New: closefromtest fails, sometimes
http://bugzilla.mindrot.org/show_bug.cgi?id=1345
Summary: closefromtest fails, sometimes
Product: Portable OpenSSH
Version: 4.6p1
Platform: amd64
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: bitbucket at mindrot.org
Re...
2019 Aug 01
1
Re: [nbdkit PATCH 4/8] Revert "RHEL 5: Define O_CLOEXEC and SOCK_CLOEXEC."
On 8/1/19 4:15 AM, Richard W.M. Jones wrote:
> On Thu, Aug 01, 2019 at 10:06:01AM +0100, Richard W.M. Jones wrote:
>> As far as I can see Haiku (hrev52698) has O_CLOEXEC but NOT
>> SOCK_CLOEXEC. As this version is a little old I'll do an update and
>> see if newer versions support it.
>
> I'm on hrev53313+1 which also doesn't appear to have SOCK_CLOEXEC
2015 May 05
3
[Bug 2394] New: Provide a global configuration option to disable ControlPersist
...oaded
by an adhoc LD_PRELOAD application.
Customer would like to be able to remove the ControlPersist feature set
by providing a global configuration option. This will allow ssh to act
as it did before and not interfere with customer adhoc LD_PRELOAD app.
e.g.
if( options.controlpersist != 0 ){ closefrom(STDERR_FILENO+1) }
How reproducible:
Write app that opens some FDS
use the export LD_PRELOAD on ssh execution of a scripted session
when session exists see if FDS from the LD_PRELOAD app did too
Actual results:
fds closed
Expected results:
with ControlPersist disable option, fds from LD_PRELOAD...
2009 Sep 01
7
[Bug 1643] New: Set FD_CLOEXEC on client socket
https://bugzilla.mindrot.org/show_bug.cgi?id=1643
Summary: Set FD_CLOEXEC on client socket
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: jchadima at
2012 May 25
2
Announce: X.509 certificates support v7.2 for OpenSSH version 6.0p1
Dear All,
X.509 certificates support for OpenSSH version 6.0p1 was published.
I brief new version include :
- support for Android platform;
- engine implementation is now considered stable;
- various regression test improvements including fixes for OpenSSL FIPS
enabled 1.0.1 stable release and korn shell
Yours sincerely,
Roumen Petrov
--
Get X.509 certificates support in OpenSSH:
2011 Feb 16
1
Forking for background processing with rails/unicorn
Hello,
I''ve been working for a few days on a problem which, after tracking it
down, seems to be related to unicorn. I''m hoping that somebody might
be able to help with information about what''s going on.
In the Rails 3 application that I support, we sometimes fork during a
web request in order to do background processing behind the scenes
without the user (and the
2023 Oct 31
1
9.3p1 Daemon Rejects Client Connections on armv7l-dey-linux-gnueabihf w/ GCC 10/11/12
...tion and compilation output between Digi DEY 8.2.0 and Arm GNU
Toolchain 12. The key differences were checking:
if ${CC} supports compile flag -fzero-call-used-regs=all
if ${CC} supports compile flag -ftrivial-auto-var-init=zero
for sys/sysctl.h
for library containing login
for closefrom
for close_range
for library containing dlopen
for arc4random
for arc4random_buf
for arc4random_uniform
if libc defines sys_errlist
if libc defines sys_nerr
for library containing res_query
for library containing dn_expand
if res_query will link
for _getsh...
2018 Nov 19
2
[PATCH] openssl-compat: Test for OpenSSL_add_all_algorithms before using.
OpenSSL 1.1.0 has deprecated this function.
---
configure.ac | 1 +
openbsd-compat/openssl-compat.c | 2 ++
openbsd-compat/openssl-compat.h | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/configure.ac b/configure.ac
index 3f7fe2cd..db2aade8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2710,6 +2710,7 @@ if test "x$openssl" = "xyes" ; then
])
2022 Oct 04
40
[Bug 3480] New: tracking bug for openssh-9.1
https://bugzilla.mindrot.org/show_bug.cgi?id=3480
Bug ID: 3480
Summary: tracking bug for openssh-9.1
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Keywords: meta
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee:
2019 Oct 09
0
Announce: OpenSSH 8.1 released
...ere the PAM implementation lacks this
function (e.g. HP-UX). bz#3008
* sftp-server(8): fix Solaris privilege sandbox from preventing
the legacy sftp rename operation from working (was refusing to
allow hard links to files owned by other users). bz#3036
* All: add a proc_pidinfo()-based closefrom() for OS X to avoid
the need to brute-force close all high-numbered file descriptors.
bz#3049
* sshd(8): in the Linux seccomp-bpf sandbox, allow mprotect(2) with
PROT_(READ|WRITE|NONE) only. This syscall is used by some hardened
heap allocators. Github PR#142
* sshd(8): in the Linux...