On Thu, Feb 03, 2005 at 09:11:07PM -0800, Doug White wrote: > On Tue, 1 Feb 2005, Andrew Konstantinov wrote: > > > > > I can't reproduce this on my systems, many of which started at 5.3 and > > > > now > > > > build 5-stable. Are you using the system ssh or one you built from > > > > ports? > > > > > > > > What is the output of 'ls -l /etc/login.conf*'? > > > > I knew I wasn't hallucinating. When I rebuild and reinstall src/lib/libc > > from RELENG_5_3 sources on RELENG_5 system, all of the above problems > > disappear altogether. The bugs are in the dynamically linked library > > that sshd relies on. Once the new library is in place and > > "/etc/rc.d/sshd restart" is performed, the bugs disappear. I don't have > > time to dig into that right now, but I'll be back with patches. > > The simple fact stands that noone else can reproduce this, which leads me > to believe you took a non-standard approach to upgrading, and therefore > are getting what you asked for. :-) > > If you can provide exact reproduction steps, starting from bare metal, > I'll follow them.
No algorithm for reproduction yet, but here is some additional information regarding this issue: First of all, I just rebuild everything in the system twice, following the proper sequence each time. Here are the steps I've taken: - cvsup /usr/src with RELENG_5 - cd /usr/src && make buildworld buildkernel installkernel - reboot into single user mode - mount all - cd /usr/src && make installworld - mergemaster - find /bin /sbin /lib /libexec /usr/bin /usr/sbin /usr/lib /usr/libexec \ /usr/libdata /usr/include -ctime +1d -exec rm -rf {} \; - reboot - rm -rf /usr/include/* - cd /usr/src && make includes - cd /usr/src && make buildworld buildkernel installkernel - reboot into single user mode - mount all - cd /usr/src && make installworld - mergemaster - find /bin /sbin /lib /libexec /usr/bin /usr/sbin /usr/lib /usr/libexec \ /usr/libdata /usr/include -ctime +1d -exec rm -rf {} \; - reboot That sequence of steps should guarantee that none of the old libraries or old includes in the /usr/include find their way into the upgraded system. Sadly, this didn't change anything. The other important thing that I've noticed is that when I set UsePrivilegeSeparation in sshd_config to "no", all those bugs disappear. I'll try to come up with a recipe for reproduction once I have enough time. Andrew
pgpQvS0ZAPFWN.pgp
Description: PGP signature