Displaying 20 results from an estimated 100 matches similar to: "problem using sshd inside a LXC container"
2008 May 25
1
OpenSSH + chroot + SELinux = broke
Hello,
First, a big thank you to the OpenSSH devs.
_ /Problem Summary:/
_ Chroot and SELinux don't get along. This affects both the new
(official) ChrootDirectory feature, as well as the older (3rd party)
patch at http://chrootssh.sourceforge.net/.
_ /History and repro:/
_ On March 21, 2008, Alexandre Rossi posted to this list with the
subject: "*ChrootDirectory
2010 Feb 03
5
OpenSSH-5.3p1 selinux problem on CentOS-5.4.
Note: I am digest subscriber so if you could copy me directly on any
reply to the list I would appreciate it very much.
I sent this to the OpenSSH list (secureshell at securityfocus.com)
yesterday and received no response so I am asking here in hopes that
someone else has run across this problem on CentOS.
We have encountered a situation that requires sftp access to one of
our server by an
2011 Dec 13
5
[Bug 1960] New: Running sshd in wrong SELinux context causes segmentation fault when a user logs in
https://bugzilla.mindrot.org/show_bug.cgi?id=1960
Bug #: 1960
Summary: Running sshd in wrong SELinux context causes
segmentation fault when a user logs in
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p1
Platform: amd64
OS/Version: Linux
Status: NEW
Severity: minor
2008 Mar 21
1
ChrootDirectory fails if compiled with SELinux support (whether or not using SELinux)
Hi,
(please CC me as I'm not subscribed to the list)
If compiled with SELinux support, OpenSSH 4.8 current cvs fails for
accounts where the new ChrootDirectory option is active :
debug1: PAM: establishing credentials
debug3: PAM: opening session
debug2: User child is on pid 1695
debug3: mm_request_receive entering
debug1: PAM: establishing credentials
debug3: safely_chroot: checking
2004 Sep 07
0
Please review openssh patch for selinux
As posted, here is an updated patch which allows openssh to be built
with non-selinux config.
(Hi openssh guys, forwarding this to you incase you interested including
it into the devel version of openssh. Please let us know if you have any
suggestions or changes that need to be made)
Regards
Nigel Kukard
On Thu, Sep 02, 2004 at 04:11:54PM -0400, Daniel J Walsh wrote:
> New SSH patch.
>
2007 Jun 27
4
[Bug 1325] New: SELinux support broken when SELinux is in permissive mode
http://bugzilla.mindrot.org/show_bug.cgi?id=1325
Summary: SELinux support broken when SELinux is in permissive
mode
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430838
OS/Version: Linux
Status: NEW
Severity: normal
2011 Jan 24
10
[Bug 1850] New: Build fails when SELinux is enabled
https://bugzilla.mindrot.org/show_bug.cgi?id=1850
Summary: Build fails when SELinux is enabled
Product: Portable OpenSSH
Version: 5.7p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2004 Sep 24
2
strange behavior of ipsec tunnel mode
hello
i am trying to set up ipsec in my network, for now just between two hosts, using to use AH & ESP
in tunnel mode to get all of packet encrypted. keys are negotiated with racoon.
mayby using tunnel mode in this case can seems strange, but i know what i am doing.
after setting up everything i have done few tests with ping & tcpdump. but the results are very suprising.
bellow is what i
2013 Jul 29
1
[LLVMdev] llvm-g++ 4.6.4 unable to compile simple shared library on Ubuntu 12.04 x86_64
Hi,
I am trying to release a Makefile for building my company's software
that will be flexible enough to use the llvm suite of compilers to build
shared libraries for talking to USB peripherals. The problem that I am
having is that while I am able to build a shared library using llvm-gcc
, the llvm-g++ compiler is giving me error messages saying "
relocation R_X86_64_PC32 against
2006 Mar 21
1
Problem with SAMBA+HEARTBEAT
Hi all,
I have two servers ZEUS (MASTER - 192.168.2.11) and POSEIDON (SLAVE - 192.168.2.12) with HeartBeat+DRBD+SAMBA installed ; HeartBeat is controlling SAMBA.
I have a big partition which are mirrored /share.
I moved all important directory on it. For example:
# mv /var/lib/samba /share/cluster/varlibsamba
# mv /var/cache/samba /share/cluster/varcachesamba
and I make a link for each one:
# ln
2013 Apr 09
1
[OpenSIPS-Users] 404 When BYE initiated by external callee
On Tue, Apr 9, 2013 at 1:22 PM, Bogdan-Andrei Iancu <bogdan at opensips.org>wrote:
> **
> Hi Nick,
>
> The BYE is not properly formed and rejected by script - in the 200 OK of
> the INVITE, you can see that your opensips is doing Record-Routing, but the
> BYE does not contain the corresponding Route hdr, so SIP routing is
> impossible.
>
> Regards,
>
>
2005 Oct 14
1
DoveCot 1.0a3 hangs at login
I've just upgraded to 1.0a3 via a freebsd port, and I've begun to
notice odd behaviour from Dovecot. After converting my config file
settings over to the new format, everything runs fine for an hour or
so, then dovecot stops responding:
oot at toejamfootball# telnet localhost 143
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
2004 Dec 05
2
host list in /etc/shorewall/hosts: interface ignored
Hi,
the new function ''shorewall show zones'' in 2.2.0-Beta showed a thing
which is (in my view) either abug or not documented.
If I have a line in /etc/shorewall/hosts which reads
work br0:eth0:192.168.2.10,192.168.2.11,192.168.2.12
then "show zones" has the output
work
br0:eth0:192.168.2.10
br0:192.168.2.11
br0:192.168.2.12
That is, the
2008 May 22
0
SIP configuration issues
Apologies if this is a repeat: I trawled through the archives and couldn't
find a reasonable answer, so I'm asking here. I have an Asterisk install
connecting from behind a NAT device (DSL modem) to a SIP proxy (in my case,
Broadvoice). I have an sjphone softphone on a Windows PC also behind the NAT
device that connects to the Asterisk install, and using this setup I've been
pretty
2008 Apr 09
2
Captive Portal with Shorewall
.
"Saluton",
Sorry by my poor english, I speak Portuguese.
I does a captive portal using:
- shorewall
- dhcpd
- thttpd (in port 8080)
- maradns
With Shorewall I use dinamic zones.
The initial zone in shorewall is
configured to redirects access to
internal thttpd port 8080, that
shows a login.cgi page.
With thttpd I rewrite original url.
The apache rewrite is very cool, but
thttpd
2016 Jul 05
1
Problem in bridged networking
Hello,
I am facing some problems in bridged networking.
I have successfully created a bridge br0 and added a virtual machine to it.
Now the address of virtual machine is 10.1.3.31. I am able to connect to
this virtual machine by another computer on same network.
The virtual machine is hosting a simple python http server on port 8000,
while some other service is running on port 80
When I try
2013 Mar 10
1
Register Free Opensips/Asterisk Integration
Hello Everyone,
I have gone through a few really good tutorials from the OpenSIPS
site, Asterisk resources etc.. The unanswered question (and final
piece of our puzzle) is if it's possible to have a register free
environment in an OpenSIPS/Asterisk integration. Most approaches have
OpenSIPS relay the UA's REGISTER request to Asterisk which has
"host=dynamic" set for the
2010 Oct 21
1
killing remote commands
Dear ssh gurus,
Here's the version I'm testing on :
flavien :/$ ssh -V
OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
I launch a remote command :
flavien$ ssh -o ControlMaster=yes -o ControlPath=/tmp/ssh-control localhost 'echo pid:$$ ...sleeping...; sleep 2803'
flavien at localhost's password:
pid:11565 ...sleeping...
On another shell, I
2006 Jun 15
0
Windows XP 64-bit, Samba 3 and permissions
Hi guys
I've been running Samba 3 for a while as my PDC in our office with a number
of XP clients and a MacOS 10 client, without undue problems.
Recently, though, we upgraded a couple of workstations to 64bit and these
two workstations now have problems getting up the user dialog that 32bit XP
has no problem with.
When you select a folder, go to it's security options and hit
2003 Feb 24
2
www over ipsec behind shorewal problem
This one is a bit complex so if no help is forthcoming, I understand.
I have 2 shorewall firewalls (1.3.13) up and running. (both machines running
Gentoo Linux 1.4_rc2) I have freeswan (1.98) running on each of them. I have
squid setup as a caching/filtering server on each of them. Each of them was
originally setup using the Two-interface Quick Start Guide. Then the Squid
guide and then the IPSEC