similar to: [Bug 969] early setpcred() stomps on PAM

Displaying 20 results from an estimated 1100 matches similar to: "[Bug 969] early setpcred() stomps on PAM"

2006 Oct 09
3
[Bug 1249] pam_open_session called with dropped privs
http://bugzilla.mindrot.org/show_bug.cgi?id=1249 Summary: pam_open_session called with dropped privs Product: Portable OpenSSH Version: 4.4p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dleonard at
2009 Mar 02
0
About setpcred() and chroot()
Hi, I need to use sftp-only accounts, chroot()ed in their home dirs, on AIX 5.3 with OpenSSH_5.2p1. But there is a problem with the chroot() call. In the do_setusercontext() function, chroot() is called after the setpcred() (only AIX is concerned by the setpcred() call), so privileges are already dropped when chroot() is called. When not calling setpcred(), the chroot() does not fail and the
2005 Dec 16
4
[Bug 1133] configure.ac sets wrong BROKEN_ var (snprintf/vsnprintf)
http://bugzilla.mindrot.org/show_bug.cgi?id=1133 Summary: configure.ac sets wrong BROKEN_ var (snprintf/vsnprintf) Product: Portable OpenSSH Version: -current Platform: HPPA OS/Version: HP-UX Status: NEW Severity: major Priority: P2 Component: Build system AssignedTo: bitbucket at mindrot.org
2002 Jun 25
3
BSD/OS with privsep
I need this for BSD/OS 4.2 + privsep perhaps we should not call do_setusercontext() after chroot(). --- sshd.c.orig Fri Jun 21 03:09:47 2002 +++ sshd.c Tue Jun 25 13:11:03 2002 @@ -548,21 +548,35 @@ /* Change our root directory*/ if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, strerror(errno)); if
2009 Mar 06
20
[Bug 1567] New: Insufficient privileges to chroot() on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1567 Summary: Insufficient privileges to chroot() on AIX Product: Portable OpenSSH Version: 5.2p1 Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy: bana
2005 Aug 26
3
[Bug 1066] off-by-one error with GSSAPI names
http://bugzilla.mindrot.org/show_bug.cgi?id=1066 Summary: off-by-one error with GSSAPI names Product: Portable OpenSSH Version: 4.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: dleonard at
2006 Sep 14
3
[Bug 1228] kbd-int device for AIX authenticate
http://bugzilla.mindrot.org/show_bug.cgi?id=1228 Summary: kbd-int device for AIX authenticate Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: AIX Status: NEW Severity: enhancement Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: dleonard at
2006 Aug 18
2
[Bug 1219] typo in ssh_config
http://bugzilla.mindrot.org/show_bug.cgi?id=1219 Summary: typo in ssh_config Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: All Status: NEW Severity: trivial Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org ReportedBy: dleonard at vintela.com
2007 Feb 13
2
[Bug 1283] findssl assumes existence of 'which'
http://bugzilla.mindrot.org/show_bug.cgi?id=1283 Summary: findssl assumes existence of 'which' Product: Portable OpenSSH Version: v4.5p1 Platform: Other OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: Miscellaneous AssignedTo: bitbucket at mindrot.org
2005 Jul 14
2
[Bug 1028] sshd does not forward final non-query conversations to client during pam auth
http://bugzilla.mindrot.org/show_bug.cgi?id=1028 ------- Additional Comments From dtucker at zip.com.au 2005-07-14 13:57 ------- Does the attached patch fix the issue you're seeing? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Aug 13
1
Further comment on chroot patch for openssh-3.4p1
The way this was last supplied to this list (2002-07-13) has the chroot after the call to 'setpcred'. In AIX 4.3.3 the call to setpcred changes the uid and eff. uid to the user attempting to logon. Then the call to chroot( new_home ) fails because AIX requires that any user issuing the chroot subroutine be at root authority. Net result: attempting to do a chroot after the call to
2002 Jun 06
9
[Bug 261] AIX capabilities + port-aix.c cleanup
http://bugzilla.mindrot.org/show_bug.cgi?id=261 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- OS/Version|other |AIX ------- Additional Comments From dtucker at zip.com.au 2002-06-06 21:22 ------- I finally got a chance to try this. I got compile
2003 Oct 28
4
AIX patch for openssh-3.7.1p2
There are a couple of bugs in the openssh-3.7.1p2. The aix_setauthdb function does not work with other types of authentication such as AFS/DFS. The loginfailed test in configure is not correct. Also, AIX can use the wtmp logging which I added in configure. Attached is the patch. Thanks, Matt Richards -------------- next part -------------- *** openssh-3.7.1p2/openbsd-compat/port-aix.c Mon Jul 14
2003 Oct 02
1
Connection drops after entering password.
Has anyone seen the error that I'm getting below? After you ssh to the box and enter the password the connection just closes. SSH Version { root at xxxxxxxx} # ssh -V OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003 OS Version { root at xxxxxxxx } # oslevel -r AIX 4330-09 SSH Connect Failure { root at xxxxxxxxx } # ssh -l xxxxxxxxx -v localhost OpenSSH_3.7p1, SSH protocols
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2
2006 Feb 20
2
Primary and secondary group issues with Vintela VAS and Samba
I'm wondering if anyone on the Samba mailing list has seen this problem with Vintela VAS and Samba. ---------- The problem I am having is that Vintela VAS knows about the groups in AD but Samba only seems to recognize a user's primary group in AD. So, if I chgrp a file or directory in Solaris to anything other than a user's primary group and share it out via samba, a user is not
2009 Dec 01
4
[Bug 1678] New: Insufficient privileges to chroot() on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1678 Summary: Insufficient privileges to chroot() on AIX Product: Portable OpenSSH Version: 5.3p1 Platform: PPC OS/Version: AIX Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org ReportedBy:
2014 Dec 28
2
Compiling a static openssh server
Hello, I'm trying to compile a static openssh-server, simply by running: export LDFLAGS=-static ./configure make sshd but the linker shows the warnings I've quoted on the bottom of this mail. The warnings say that I cannot use NSS functions when statically compiling. This makes sshd not work because at runtime, every call to getpwnam returns 0. Do you know a way to compile openssh
2006 Apr 27
0
bug in OpenSSH_4.3p2: pam_open_session() called but not close for root users
For root sessions pam_open_session is called, but not pam_close_session. sshd behavior is broken for root logins because if pam session is run from the child, close is never called due to exec: on open since use_privsep is not set, parent calls do_exec_pty(), which does not open session. then, it skips calling do_setusercontext(), so it does not open session. child calls
2003 Jul 03
0
AIX cleanups: includes and arguments
Hi All. First the questions: Is there anything objectionable in this patch? Is AUDIT_FAIL_AUTH appropriate for the "Reason" field? Now the details: attached is a patch that changes some of the #includes for AIX. It moves the AIX-specific includes to port-aix.h and adds includes that contain the prototypes for many of the authentication functions. The idea isto fix some warnings.