Author: thomas Date: Tue Mar 2 08:40:31 2021 New Revision: 24325 Log: Fix a seccomp issue in OpenSSH
Modified: trunk/BOOK/introduction/welcome/changelog.xml trunk/BOOK/postlfs/security/openssh.xml Modified: trunk/BOOK/introduction/welcome/changelog.xml ============================================================================== --- trunk/BOOK/introduction/welcome/changelog.xml Tue Mar 2 03:21:49 2021 (r24324) +++ trunk/BOOK/introduction/welcome/changelog.xml Tue Mar 2 08:40:31 2021 (r24325) @@ -45,6 +45,9 @@ <para>March 2nd, 2021</para> <itemizedlist> <listitem> + <para>[thomas] - Fix a seccomp issue in OpenSSH on non-x86_64 platforms.</para> + </listitem> + <listitem> <para>[ken] - Update to nss-3.62. Fixes <ulink url="&blfs-ticket-root;14684">#14684</ulink>.</para> </listitem> Modified: trunk/BOOK/postlfs/security/openssh.xml ============================================================================== --- trunk/BOOK/postlfs/security/openssh.xml Tue Mar 2 03:21:49 2021 (r24324) +++ trunk/BOOK/postlfs/security/openssh.xml Tue Mar 2 08:40:31 2021 (r24325) @@ -152,6 +152,17 @@ <screen><userinput remap="pre">sed -e '/INSTALLKEYS_SH/s/)//' -e '260a\ )' -i contrib/ssh-copy-id</userinput></screen> <para> + Next, fix an issue on platforms other than x86_64: + </para> + <screen><userinput remap="pre">if [ "$(uname -m)" != "x86_64" ]; then + l1="#ifdef __NR_pselect6_time64" + l2=" SC_ALLOW(__NR_pselect6_time64)," + l3="#endif" + sed -e "/^#ifdef __NR_read$/ i $l1\n$l2\n$l3" \ + -i sandbox-seccomp-filter.c +fi</userinput></screen> + + <para> Install <application>OpenSSH</application> by running the following commands: </para> -- http://lists.linuxfromscratch.org/listinfo/blfs-book FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page