search for: have_setpcred

...ivileged child process to deal with network data */ --- session.c.orig Tue Jun 25 13:28:07 2002 +++ session.c Tue Jun 25 13:33:16 2002 @@ -1154,22 +1154,26 @@ { #ifdef HAVE_CYGWIN if (is_winnt) { #else /* HAVE_CYGWIN */ if (getuid() == 0 || geteuid() == 0) { #endif /* HAVE_CYGWIN */ #ifdef HAVE_SETPCRED setpcred(pw->pw_name); #endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP - if (setusercontext(lc, pw, pw->pw_uid, - (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { + int flags = LOGIN_SETALL & ~LOGIN_SETPATH; +#ifdef __bsdi__ + if (getpid() != getpgrp()) + flags &= ~LOGIN...

Has anyone seen the error that I'm getting below? After you ssh to the box and enter the password the connection just closes. SSH Version { root at xxxxxxxx} # ssh -V OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003 OS Version { root at xxxxxxxx } # oslevel -r AIX 4330-09 SSH Connect Failure { root at xxxxxxxxx } # ssh -l xxxxxxxxx -v localhost OpenSSH_3.7p1, SSH protocols

...======================================================= RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/session.c,v retrieving revision 1.238 diff -u -r1.238 session.c --- session.c 3 Jun 2003 00:25:48 -0000 1.238 +++ session.c 2 Jul 2003 04:37:09 -0000 @@ -1215,7 +1215,7 @@ { #ifdef HAVE_SETPCRED - setpcred(pw->pw_name); + setpcred(pw->pw_name, (char **)NULL); #endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP # ifdef __bsdi__ Index: openbsd-compat/port-aix.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cv...

There have been a few recent commits to portable OpenSSH that require testing. It would be appreciated if you could grab the 20031118 (or later) snapshot and give it a try on your platforms of choice. Ideally, "giving it a try" means running the regress tests, in addition to casual (non-production) use and reporting your experiences back to the list. The more platforms and compile-time

Hi, I was investigating why I don't see any warnings from pam_ldap indicating the pending expiration of passwords as well as for PAM_NEW_AUTHTOK_REQD. Eventually, I found that do_pam_account() does not have a conversation function. Also, there is a function print_pam_messages (currently empty) which look suspiciously like it is ear marked to show just those error messages: /* auth-pam.c

Hi, (please CC me as I'm not subscribed to the list) If compiled with SELinux support, OpenSSH 4.8 current cvs fails for accounts where the new ChrootDirectory option is active : debug1: PAM: establishing credentials debug3: PAM: opening session debug2: User child is on pid 1695 debug3: mm_request_receive entering debug1: PAM: establishing credentials debug3: safely_chroot: checking

The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2

...undef HAVE_SECTOK_H */ /* #undef HAVE_SECURITY_PAM_APPL_H */ #define HAVE_SENDMSG 1 /* #undef HAVE_SETAUTHDB */ /* #undef HAVE_SETDTABLESIZE */ #define HAVE_SETEGID 1 #define HAVE_SETENV 1 #define HAVE_SETEUID 1 #define HAVE_SETGROUPS 1 /* #undef HAVE_SETLOGIN */ /* #undef HAVE_SETLUID */ /* #undef HAVE_SETPCRED */ /* #undef HAVE_SETPROCTITLE */ #define HAVE_SETREGID 1 #define HAVE_SETRESGID 1 #define HAVE_SETRESUID 1 #define HAVE_SETREUID 1 #define HAVE_SETRLIMIT 1 #define HAVE_SETSID 1 #define HAVE_SETUTENT 1 #define HAVE_SETUTXENT 1 #define HAVE_SETVBUF 1 #define HAVE_SHADOW_H 1 #define HAVE_SIGACTION 1...

https://bugzilla.mindrot.org/show_bug.cgi?id=1567 Summary: Insufficient privileges to chroot() on AIX Product: Portable OpenSSH Version: 5.2p1 Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: bana

I am attempting to run openssh 3.7.1p2 with privsep on AIX 5.2 ML2 (with the december 2003 critical patches also). This was compiled on the host machine with the IBM Visual Age C compiler (C for AIX Compiler, Version 5). I did not have any trouble compiling. My configure was ./configure --with-tcp-wrappers, and I have the freeware tcp wrappers (freeware.tcp_wrappers.rte 7.6.1.5), and a compiled