On Thu, Sep 18, 2003 at 11:04:19PM +0200, Dariush Pietrzak wrote: > Hi, > I don't understand what's going on with my systems.. I have few > development vservers on my workstation, few of them run sshd... > Lately one of them broke down - when you try to log in, it disconnects > immediately after checking the password, sshd -d looks like this: > debug1: Allocating pty. > debug1: session_new: init > debug1: session_new: session 0 > debug1: session_pty_req: session 0 alloc /dev/pts/22 > debug1: server_input_channel_req: channel 0 request shell reply 0 > debug1: session_by_channel: session 0 channel 0 > debug1: session_input_channel_req: session 0 req shell > debug1: PAM setting tty to "/dev/pts/22" > PAM session setup failed[6]: Permission denied > debug1: Calling cleanup 0x8058180(0x808a400) > debug1: session_by_tty: session 0 tty /dev/pts/22 > debug1: session_pty_cleanup: session 0 release /dev/pts/22
hmm, interesting, sounds like a bug to me, but why wasn't it detected earlier? by the way, which kernel, and patches? > Why that happens? > And why didn't it happen earlier? And still not happening on other > vservers? good question ... try to find out what are the permissions of /dev/pts/22 ... > How does vservers mount /dev/pts and other things? I can't mount > stuff from inside when I do it by hand. that stuff is mounted from outside, in the startup scripts (vserver <name> start) ... with CAP_SYS_ADMIN you are allowed to do mounts inside the vserver ... but it _is_ a security hole ... HTH, Herbert > regards, > -- > Mayoi komuno wa Usuyami no sekai, Dariush Pietrzak > Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9
