similar to: [Bug 1960] New: Running sshd in wrong SELinux context causes segmentation fault when a user logs in

As posted, here is an updated patch which allows openssh to be built with non-selinux config. (Hi openssh guys, forwarding this to you incase you interested including it into the devel version of openssh. Please let us know if you have any suggestions or changes that need to be made) Regards Nigel Kukard On Thu, Sep 02, 2004 at 04:11:54PM -0400, Daniel J Walsh wrote: > New SSH patch. >

Currently I have a RH6.1 host with selinux enabled On this I am running a LXC container with ubuntu (without selinux) with OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009 when I try to do a ssh connection to the lxc container I get : ... debug1: Next authentication method: password root at 192.168.2.11's password: debug1: Authentication succeeded (password). debug1: channel 0: new

Hi, (please CC me as I'm not subscribed to the list) If compiled with SELinux support, OpenSSH 4.8 current cvs fails for accounts where the new ChrootDirectory option is active : debug1: PAM: establishing credentials debug3: PAM: opening session debug2: User child is on pid 1695 debug3: mm_request_receive entering debug1: PAM: establishing credentials debug3: safely_chroot: checking

Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory

Note: I am digest subscriber so if you could copy me directly on any reply to the list I would appreciate it very much. I sent this to the OpenSSH list (secureshell at securityfocus.com) yesterday and received no response so I am asking here in hopes that someone else has run across this problem on CentOS. We have encountered a situation that requires sftp access to one of our server by an

http://bugzilla.mindrot.org/show_bug.cgi?id=1325 Summary: SELinux support broken when SELinux is in permissive mode Product: Portable OpenSSH Version: 4.6p1 Platform: Other URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430838 OS/Version: Linux Status: NEW Severity: normal

the memory which is allocated by matchpathcon should be freed after it is useless Signed-off-by: Roy Li <rongqing.li at windriver.com> --- openbsd-compat/port-linux.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -217,8 +217,10 @@ ssh_selinux_setfscreatecon(const char *p setfscreatecon(NULL);

The memory which is allocated by matchpathcon should be freed after it is used Signed-off-by: Roy Li <rongqing.li at windriver.com> --- openbsd-compat/port-linux.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -217,8 +217,10 @@ ssh_selinux_setfscreatecon(const char *p setfscreatecon(NULL); return;

https://bugzilla.mindrot.org/show_bug.cgi?id=2482 Bug ID: 2482 Summary: SELinux integration Product: Portable OpenSSH Version: 7.1p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1726 Summary: ChrootDirectory doesn't work with SE Linux Product: Portable OpenSSH Version: 5.3p1 Platform: Other URL: http://bugs.debian.org/556644 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd

Hi,   A question on something which normally should be easy !   I perform a linear regression using lm function:   > reg1 <- lm (a b+c+d, data = database1)   Then I try to perform the Chow (1960) test (structural change test) on my regression. I know the breakpoint date. I try the following code like it is described in the “Examples” section of the “strucchange” package :   > sctest(reg1,

Allow users to specify certificates to be used for authentication on the command line with the '-z' argument when running ssh. For successful authentication, the key pair associated with the certificate must also be presented during the ssh. Certificates may also be specified in ssh_config as a CertificateFile. This option is meant the address the issue mentioned in the following

I have renamed all of the patch files to .txt, which should be acceptable for the mailer daemon at mindrot, per Angel's suggestion. I am attaching the patch files to the email, with the extra space removed and a minor correction made. Bill Parker (wp02855 at gmail dot com) -------------- next part -------------- --- port-linux.c.orig 2012-12-19 17:40:53.231529475 -0800 +++ port-linux.c

Hi all, I must admit that I am stuck. I have a TDM400P card with two FXS and two FXO modules which I had set up and configured so that it was working beautifully. The only problem was that occasionally it would get itself into a state where outgoing calls would simply be met with a very loud static. A reboot would fix this issue and everything would work fine for a while. Recently however,

CentOS Errata and Bugfix Advisory 2014:1960 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1960.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: dc2b3a7f255b5c2ab4ffdabbef6a81dd6bb0130a6c1b8a29daf58da3ecda1525 publican-3.2.0-4.el7.noarch.rpm

CentOS Errata and Bugfix Advisory 2015:1960 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1960.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 44c773a207b2bbadd860c336bff99ade4b4429a1f83cefbfd7fd29791cba8cd2 389-ds-base-1.3.3.1-23.el7_1.x86_64.rpm

Hello All, In reviewing source code for OpenSSH-6.1p1, I found instances of deprecated library calls still within various source code files. Examples of deprecated calls are: bzero() (replaced with memset() which is ANSI compliant), index() (replaced with strchr() which is also ANSI compliant). In file 'auth2-jpake.c', I've replaced all the bzero() calls with the equivalent

https://bugzilla.mindrot.org/show_bug.cgi?id=1960 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #3 from Damien Miller <djm at mindrot.org> --- Set all RESOLVED bugs to CLOSED with release

Your message has been blocked from being delivered due to the following.. - false or missing mail adress, - scanning error, - unknown domain or domain unreachable, - unknown mail user, - mail is not RFC conformant, - false or missed mail header or boundary. Please check your message for this, correct possible errors and retry sending. If the problem persists please contact the

https://bugzilla.mindrot.org/show_bug.cgi?id=2134 Bug ID: 2134 Summary: invalid prototype for get_last_login_time() Product: Portable OpenSSH Version: 6.2p1 Hardware: Other OS: FreeBSD Status: NEW Severity: enhancement Priority: P5 Component: Build system Assignee: