Displaying 20 results from an estimated 168 matches for "permanently_set_uid".
2004 Aug 27
2
OpenSSH-3.9p1 permanently_set_uid behavior on Linux
...about the following code at line 203 in uidswap.c:
/* Try restoration of GID if changed (test clearing of saved gid) */
if (old_gid != pw->pw_gid &&
(setgid(old_gid) != -1 || setegid(old_gid) != -1))
fatal("%s: was able to restore old [e]gid", __func__);
This causes permanently_set_uid to fail in the following case:
$ su
Password: ????????
# newgrp bin
# ssh remotehost
permanently_set_uid: was able to restore old [e]gid
#
Is this the desired behavior or should the code special case running as root?
- Glen Nakamura
2003 Sep 24
1
IRIX 5.3 permanently_set_uid problem
Hello,
I have tried running OpenSSH 3.7.1p2 on an Indy running IRIX 5.3. It
compiled and installed without any problems.
However, I get the fatal error, which originates from uidswap.c in
function permanently_set_uid():
fatal: permanently_set_uid: was able to restore old [e]uid
This happens even if "UsePrivilegeSeparation no" is used in sshd_config.
It seems to be a problem with IRIX 5.3 rather than OpenSSH. I have
searched for possible patches for IRIX 5.3, but haven't found anything...
2003 Sep 18
1
[Bug 674] permanently_set_uid() doesn't work on BSDI 4.0.1
http://bugzilla.mindrot.org/show_bug.cgi?id=674
Summary: permanently_set_uid() doesn't work on BSDI 4.0.1
Product: Portable OpenSSH
Version: 3.7p1
Platform: ix86
OS/Version: BSDI
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org...
2003 Sep 16
2
[PATCH] permanently_set_uid fails on Cygwin :-(
Hi,
I'm terribly sorry that I missed this before 3.7p1 was out. The
permanently_set_uid() function fails on Cygwin since the test to
revert to the saved uid unfortunately works on Cygwin though it
shouldn't. The reason is that a Windows NT process always can
revert to its previous privileges. There's no such concept of
giving up rights in a process permanently. This is only...
2004 Sep 22
1
[PATCH] permanently_set_uid: Don't try restoring gid on Cygwin
...ks,
Corinna
Index: uidswap.c
===================================================================
RCS file: /cvs/openssh_cvs/uidswap.c,v
retrieving revision 1.44
diff -p -u -r1.44 uidswap.c
--- uidswap.c 24 Feb 2004 02:17:30 -0000 1.44
+++ uidswap.c 22 Sep 2004 18:17:44 -0000
@@ -200,10 +200,12 @@ permanently_set_uid(struct passwd *pw)
fatal("setuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
#endif
+#ifndef HAVE_CYGWIN
/* Try restoration of GID if changed (test clearing of saved gid) */
if (old_gid != pw->pw_gid &&
(setgid(old_gid) != -1 || setegid(old_gid) != -1))...
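Review bot: the #ifndef HAVE_CYGWIN added above the GID restoration test carries no comment saying why the check is compiled out on Cygwin. A one-line comment at the guard, repeated on its matching #endif, would make clear that skipping the saved-gid verification on this platform is deliberate, so a later reader does not take it for an accidental gap in the privilege-drop check.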
2010 Feb 01
8
[Bug 1710] New: aix_setauthdb/aix_restoredb are not called in getpwnamallow() causing permanently_set_uid() to fail
https://bugzilla.mindrot.org/show_bug.cgi?id=1710
Summary: aix_setauthdb/aix_restoredb are not called in
getpwnamallow() causing permanently_set_uid() to fail
Product: Portable OpenSSH
Version: 5.3p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: letourne...
2008 Nov 05
1
openssh on interix
...e clear-text password of the user to
be fully functional (If you use password-less setuser(), then the
user doesn't have network access rights, e.g. no access to a network
home dir).
The problem is now: How to get the clear-text password from
auth-passwd.c:auth_password()
to
uidswap.c:permanently_set_uid()
where it would be needed as argument for setuser()?
See [3] for the patch I'm currently using. My first idea would be to
use the struct passwd pw_passwd field that is passed to
permanently_set_uid() for storing the clear-text password after
successful (password-)authentication.
Before lo...
2002 May 16
3
uidswap
All,
Could someone explain the purpose of the uidswap functions with
respect to ssh (the client). From what I gathered, ssh installs as
setuid root and swaps ids when reading potential key files that may be read
only by root. Also, I think when binding to a privileged port ssh swaps
id. Is that so? What are the consequences if you do not install ssh setuid
root? (As far as I know no uid
2003 Dec 13
2
problem in uidswap?
...ing openssl 0.9.7c, zlib-1.1.4, and tcp_wrappers7.6. ssh itself seems to function ok, but sshd does not appear to be functioning properly for non-root users. After connecting and providing a password, the connection is closed, and we appear to get 3 messages in syslog like the following:
fatal: permanently_set_uid: was able to restore old [e]uid
It appears this may be coming out of uidswap.c
As I mentioned, this problem does *not* occur if I'm logging in as root.
I don't know if this is relevant or not, but UsePrivilegeSeparation is set to no.
Any ideas/suggestions on this?
FYI, this problem onl...
2005 Jan 05
2
changing group for root
Hello All,
The changing of group for the root results in the following message with
OpenSSH 3.9p1
"permanently_set_uid: was able to restore old [e]gid"
The following change in uidswap.c fixes the problem for me.
/* Try restoration of GID if changed (test clearing of saved gid) */
- if (old_gid != pw->pw_gid &&
+ if(getgid() != pw->pw_gid &&
(setgid(old_gid) != -1 || setegid(old_gid) !...
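Review bot: replacing old_gid with getgid() in the first operand of the condition looks like it disables the test rather than narrowing it. If the gid has already been switched to pw->pw_gid by the time this line runs, getgid() != pw->pw_gid is false for every caller, so the setgid(old_gid) / setegid(old_gid) probe is never attempted and a saved gid that can still be restored goes unnoticed. If the intent is to exempt the root case only, an explicit condition for that case would keep the check for everyone else. Minor style point: if( should be if ( to match the line it replaces.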
2005 May 12
0
Trusted IRIX Support
...anding, the following changes have to take place:
1) Change the MAC (Mandatory Access Control) label of the process to the
label requested by the user. This is loaded by the SGI pam_mac module
into the PAM environment variable "MAC". I'm assuming this should
happen sometime around permanently_set_uid in uidswap.c.
2) Change the capabilities of the process to the capabilities requested
by the user. This is loaded by the SGI pam_cap module into the PAM
environment variable "CAP". I'm also assuming this should happen
sometime around permanently_set_uid in uidswap.c.
3) Ignore the...
2002 Jul 16
2
HP-UX PAM with Trusted System patch
I'm fairly new to the list and new to submitting patches. Can someone
please verify the attached patch for running a HP-UX Trusted System with
PAM and OpenSSH 3.4p1? The problem seemed to be that pam couldn't verify
the user via __pamh after the call to permanently_set_uid in session.c.
So I called do_pam_session prior to the call and added a function
do_pam_set_tty in order to set the tty after allocation.
--
Dan Wanek
-------------- next part --------------
diff -u -r openssh-3.4p1/auth-pam.c openssh-3.4p1-dw/auth-pam.c
--- openssh-3.4p1/auth-pam.c Tue May 7 21:...
2015 May 08
4
Q: respecting .ssh/id_rsa
While attempting to debug something else I ran across this:
ssh -vvv somehost
. . .
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
. . ....
2003 Sep 17
3
[Bug 665] sshd doesn't work on Mac OS X
...mindrot.org
ReportedBy: max at quendi.de
sshd worked fine on Mac OS X up to and including 3.6.1p1. I never tried 3.7p1, but in 3.7.1p1 it
definitely is broken. In particular, when ssh'ing to localhost, my server dies with this message:
[...]
debug3: privsep user:group 75:75
debug1: permanently_set_uid: 75/75
setuid 75: Operation not permitted
debug1: Calling cleanup 0x25008(0x0)
The full output:
root# sshd -d -d -d
debug2: read_server_config: filename /sw/etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.7.1p1
Could not load host key: /sw/etc/ssh/ssh_host_key
Could not load host key: /sw/etc/...
2005 May 19
2
[Bug 1043] Trusted IRIX Support
...rstanding, the following changes have to take place:
1) Change the MAC (Mandatory Access Control) label of the process to the label
requested by the user. This is loaded by the SGI pam_mac module into the PAM
environment variable "MAC". I'm assuming this should happen sometime around
permanently_set_uid in uidswap.c.
2) Change the capabilities of the process to the capabilities requested by the
user. This is loaded by the SGI pam_cap module into the PAM environment variable
"CAP". I'm also assuming this should happen sometime around permanently_set_uid
in uidswap.c.
3) Ignore the san...
2003 Sep 16
6
sshd 3.7p1 dies on MacOSX
...bugging mode.
Connection from 127.0.0.1 port 59687
debug1: Client protocol version 2.0; client software version
OpenSSH_3.7p1
debug1: match: OpenSSH_3.7p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.7p1
debug1: permanently_set_uid: 17/17
setuid 17: Operation not permitted
debug1: Calling cleanup 0x24c8c(0x0)
Replacing uidswap.c with the version from 3.6p1 and recompiling
produces a working sshd.
I have not tracked down which change caused the breakage, but it should
be easy enough.
Jacques Distler
2003 Sep 17
8
[Bug 653] sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX)
http://bugzilla.mindrot.org/show_bug.cgi?id=653
Summary: sshd breaks logins after upgrade to 3.7.1p1 (Tru64 UNIX)
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: Alpha
OS/Version: other
Status: NEW
Severity: critical
Priority: P2
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
2002 Mar 07
0
[Bug 136] New: setgid() deemed to fail for non-suid ssh client on linux if using other than primary group
...out BSD), trying to use a
non-suid-root ssh client while having switched to a group other than
the calling user's primary group (by sg or newgrp) fails with an error
message: setgid <primary group>: Operation not permitted
Looking for the reason of the failure, I found it in the function
permanently_set_uid() in uidswap.c: It tries to set the gid to the
value from /etc/passwd, which (at least on Linux) can only succeed if
either the process has superuser privileges (the binary is installed
suid root) or the real or effective gid is already that value. If a
user is currently using a gid of a group that...
2002 Apr 26
0
[Bug 228] New: pam_krb5 on Solaris creates credentials with wrong owner
...xit(1);
}
endgrent();
+ # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
+ irix_setusercontext(pw);
+ # endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
+ /* Permanently switch to the desired uid. */
+ permanently_set_uid(pw);
# ifdef USE_PAM
/*
* PAM credentials may take the form of supplementary groups.
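Review bot: moving permanently_set_uid(pw) ahead of the USE_PAM block means the PAM credential step that follows now runs after the uid has been dropped. The comment kept just below the insertion says PAM credentials may take the form of supplementary groups, and establishing those normally needs privilege, so this ordering needs either a comment justifying it or a check that the credential call still succeeds as the target user.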
***************
*** 1143,1153 ****
*/
do_pam_setcred(0);
# endif /* USE_PAM */
- # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
- irix_setusercontext...
2003 Jan 09
1
[PATCH] Allow multiple accounts on Windows 9x/Me
...session.c 9 Jan 2003 22:23:15 -0000
@@ -1204,7 +1204,7 @@ void
do_setusercontext(struct passwd *pw)
{
#ifdef HAVE_CYGWIN
- if (is_winnt) {
+ {
#else /* HAVE_CYGWIN */
if (getuid() == 0 || geteuid() == 0) {
#endif /* HAVE_CYGWIN */
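Review bot: with if (is_winnt) { reduced to a bare { in the HAVE_CYGWIN branch, the block is entered unconditionally on Cygwin, while the non-Cygwin branch still gates it on getuid() == 0 || geteuid() == 0. A comment at the bare brace saying why no condition is needed on 9x/Me would help, and the calls inside the block should be checked for ones that only make sense on NT.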
@@ -1257,6 +1257,9 @@ do_setusercontext(struct passwd *pw)
permanently_set_uid(pw);
#endif
}
+#ifdef HAVE_CYGWIN
+ if (is_winnt)
+#endif
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
}
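Review bot: the added #ifdef HAVE_CYGWIN / if (is_winnt) / #endif turns the final uid check into the body of an unbraced if that exists under only one preprocessor branch, which is easy to break if a statement is later inserted between them. Folding is_winnt into the existing condition or bracing the statement would be safer, and a comment should state that on non-NT Cygwin the function now returns without verifying that the uids match pw->pw_uid.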
--
Corinna Vinschen
Cygwin Developer
Red Hat, Inc.
mailto:vinschen at redhat.com