On Sat, Feb 05, 2005 at 10:12:45PM -0800, Andrew Konstantinov wrote:
> On Thu, Feb 03, 2005 at 09:11:07PM -0800, Doug White wrote:
> > On Tue, 1 Feb 2005, Andrew Konstantinov wrote:
> >
> > > > > I can't reproduce this on my systems, many of which started at 5.3
> > > > > and now
> > > > > build 5-stable. Are you using the system ssh or one you built from
> > > > > ports?
> > > > >
> > > > > What is the output of 'ls -l /etc/login.conf*'?
> > >
> > > I knew I wasn't hallucinating. When I rebuild and reinstall src/lib/libc
> > > from RELENG_5_3 sources on RELENG_5 system, all of the above problems
> > > disappear altogether. The bugs are in the dynamically linked library
> > > that sshd relies on. Once the new library is in place and
> > > "/etc/rc.d/sshd restart" is performed, the bugs disappear. I don't have
> > > time to dig into that right now, but I'll be back with patches.
> >
> > The simple fact stands that no one else can reproduce this, which leads me
> > to believe you took a non-standard approach to upgrading, and therefore
> > are getting what you asked for. :-)
> >
> > If you can provide exact reproduction steps, starting from bare metal,
> > I'll follow them.
>
> The other important thing that I've noticed is that when I set
> UsePrivilegeSeparation in sshd_config to "no", all those bugs disappear.

Also, when I traced sshd in debug mode using gdb, I've found that /usr/src/lib/libc/gen/getcap.c lines 246 - 274 work properly and return the valid "root" entry from the login database and that code is enclosed in the else statement that is a part of "if (fd >= 0)" construction. So, apparently, something gets to getent around cgetent with already existing file descriptor which causes a different portion of code to be executed (instead of 246 - 274) which in its turn causes a problem. Perhaps the descriptor is pointing to a wrong file?

Andrew