Displaying 20 results from an estimated 1100 matches similar to: "[Bug 969] early setpcred() stomps on PAM"
2006 Oct 09
3
[Bug 1249] pam_open_session called with dropped privs
http://bugzilla.mindrot.org/show_bug.cgi?id=1249
Summary: pam_open_session called with dropped privs
Product: Portable OpenSSH
Version: 4.4p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at
2009 Mar 02
0
About setpcred() and chroot()
Hi,
I need to use sftp-only accounts, chroot()ed in their home dirs, on AIX 5.3
with OpenSSH_5.2p1.
But there is a problem with the chroot() call.
In the do_setusercontext() function, chroot() is called after the setpcred()
(only AIX is concerned by the setpcred() call), so privileges are already
dropped when chroot() is called.
When not calling setpcred(), the chroot() does not fail and the
2005 Dec 16
4
[Bug 1133] configure.ac sets wrong BROKEN_ var (snprintf/vsnprintf)
http://bugzilla.mindrot.org/show_bug.cgi?id=1133
Summary: configure.ac sets wrong BROKEN_ var (snprintf/vsnprintf)
Product: Portable OpenSSH
Version: -current
Platform: HPPA
OS/Version: HP-UX
Status: NEW
Severity: major
Priority: P2
Component: Build system
AssignedTo: bitbucket at mindrot.org
2002 Jun 25
3
BSD/OS with privsep
I need this for BSD/OS 4.2 + privsep
perhaps we should not call do_setusercontext() after
chroot().
--- sshd.c.orig Fri Jun 21 03:09:47 2002
+++ sshd.c Tue Jun 25 13:11:03 2002
@@ -548,21 +548,35 @@
/* Change our root directory*/
if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
strerror(errno));
if
2009 Mar 06
20
[Bug 1567] New: Insufficient privileges to chroot() on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1567
Summary: Insufficient privileges to chroot() on AIX
Product: Portable OpenSSH
Version: 5.2p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: bana
2005 Aug 26
3
[Bug 1066] off-by-one error with GSSAPI names
http://bugzilla.mindrot.org/show_bug.cgi?id=1066
Summary: off-by-one error with GSSAPI names
Product: Portable OpenSSH
Version: 4.1p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at
2006 Sep 14
3
[Bug 1228] kbd-int device for AIX authenticate
http://bugzilla.mindrot.org/show_bug.cgi?id=1228
Summary: kbd-int device for AIX authenticate
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: AIX
Status: NEW
Severity: enhancement
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at
2006 Aug 18
2
[Bug 1219] typo in ssh_config
http://bugzilla.mindrot.org/show_bug.cgi?id=1219
Summary: typo in ssh_config
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: trivial
Priority: P2
Component: Miscellaneous
AssignedTo: bitbucket at mindrot.org
ReportedBy: dleonard at vintela.com
2007 Feb 13
2
[Bug 1283] findssl assumes existence of 'which'
http://bugzilla.mindrot.org/show_bug.cgi?id=1283
Summary: findssl assumes existence of 'which'
Product: Portable OpenSSH
Version: v4.5p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: Miscellaneous
AssignedTo: bitbucket at mindrot.org
2005 Jul 14
2
[Bug 1028] sshd does not forward final non-query conversations to client during pam auth
http://bugzilla.mindrot.org/show_bug.cgi?id=1028
------- Additional Comments From dtucker at zip.com.au 2005-07-14 13:57 -------
Does the attached patch fix the issue you're seeing?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2002 Aug 13
1
Further comment on chroot patch for openssh-3.4p1
The way this was last supplied to this list (2002-07-13) has the chroot
after the call to 'setpcred'. In AIX 4.3.3 the call to setpcred changes
the uid and eff. uid to the user attempting to logon. Then the call to
chroot( new_home ) fails because AIX requires that any user issuing
the chroot subroutine be at root authority.
Net result: attempting to do a chroot after the call to
2002 Jun 06
9
[Bug 261] AIX capabilities + port-aix.c cleanup
http://bugzilla.mindrot.org/show_bug.cgi?id=261
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OS/Version|other |AIX
------- Additional Comments From dtucker at zip.com.au 2002-06-06 21:22 -------
I finally got a chance to try this. I got compile
2003 Oct 28
4
AIX patch for openssh-3.7.1p2
There are a couple of bugs in the openssh-3.7.1p2. The aix_setauthdb
function does not work with other types of authentication such as AFS/DFS.
The loginfailed test in configure is not correct. Also, AIX can use the
wtmp logging which I added in configure. Attached is the patch.
Thanks,
Matt Richards
-------------- next part --------------
*** openssh-3.7.1p2/openbsd-compat/port-aix.c Mon Jul 14
2003 Oct 02
1
Connection drops after entering password.
Has anyone seen the error that I'm getting below? After you ssh to the box
and enter the password the connection just closes.
SSH Version
{ root at xxxxxxxx} # ssh -V
OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
OS Version
{ root at xxxxxxxx } # oslevel -r
AIX 4330-09
SSH Connect Failure
{ root at xxxxxxxxx } # ssh -l xxxxxxxxx -v localhost
OpenSSH_3.7p1, SSH protocols
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser"
option in the sshd_config file.
I was looking for a way to offer sftp access and at the same time restict
interactive shell access. This patch is a necessary first step (IMO).
It applies clean with 'patch -l'.
Also attached is a shell script that helps to build a chrooted home dir on
a RedHat 7.2
2006 Feb 20
2
Primary and secondary group issues with Vintela VAS and Samba
I'm wondering if anyone on the Samba mailing list has seen this problem
with Vintela VAS and Samba.
----------
The problem I am having is that Vintela VAS knows about the groups in
AD but Samba only seems to recognize a user's primary group in AD. So,
if I chgrp a file or directory in Solaris to anything other than a
user's primary group and share it out via samba, a user is not
2009 Dec 01
4
[Bug 1678] New: Insufficient privileges to chroot() on AIX
https://bugzilla.mindrot.org/show_bug.cgi?id=1678
Summary: Insufficient privileges to chroot() on AIX
Product: Portable OpenSSH
Version: 5.3p1
Platform: PPC
OS/Version: AIX
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2014 Dec 28
2
Compiling a static openssh server
Hello,
I'm trying to compile a static openssh-server, simply by running:
export LDFLAGS=-static
./configure
make sshd
but the linker shows the warnings I've quoted on the bottom of this mail.
The warnings say that I cannot use NSS functions when statically compiling.
This makes sshd not work because at runtime, every call to getpwnam returns
0.
Do you know a way to compile openssh
2006 Apr 27
0
bug in OpenSSH_4.3p2: pam_open_session() called but not close for root users
For root sessions pam_open_session is called, but not pam_close_session.
sshd behavior is broken for root logins because if pam session
is run from the child, close is never called due to exec:
on open
since use_privsep is not set, parent calls do_exec_pty(),
which does not open session. then, it skips calling do_setusercontext(),
so it does not open session.
child calls
2003 Jul 03
0
AIX cleanups: includes and arguments
Hi All.
First the questions:
Is there anything objectionable in this patch?
Is AUDIT_FAIL_AUTH appropriate for the "Reason" field?
Now the details: attached is a patch that changes some of the #includes
for AIX. It moves the AIX-specific includes to port-aix.h and adds
includes that contain the prototypes for many of the authentication
functions. The idea isto fix some warnings.