From owner-freebsd-stable@FreeBSD.ORG Sun Feb 6 06:12:47 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B95D16A4CE for ; Sun, 6 Feb 2005 06:12:47 +0000 (GMT) Received: from pop-a065d14.pas.sa.earthlink.net (pop-a065d14.pas.sa.earthlink.net [207.217.121.252]) by mx1.FreeBSD.org (Postfix) with ESMTP id E39C643D49 for ; Sun, 6 Feb 2005 06:12:46 +0000 (GMT) (envelope-from andrei@kableu.com) Received: from h-69-3-28-133.snvacaid.dynamic.covad.net ([69.3.28.133] helo=mail.kableu.com) by pop-a065d14.pas.sa.earthlink.net with esmtp (Exim 3.33 #1) id 1Cxff4-0003cd-00; Sat, 05 Feb 2005 22:12:46 -0800 Received: from warrior.kableu.com (warrior.kableu.com [192.168.0.1]) by mail.kableu.com (Postfix) with ESMTP id E651EC0E1; Sat, 5 Feb 2005 22:12:45 -0800 (PST) Received: by warrior.kableu.com (Postfix, from userid 1001) id 7849311445; Sat, 5 Feb 2005 22:12:45 -0800 (PST) Date: Sat, 5 Feb 2005 22:12:45 -0800 From: Andrew Konstantinov To: Doug White Message-ID: <20050206061245.GA1774@warrior.kableu.com> References: <20050130084359.GA36069@warrior.kableu.com> <20050201012056.GA47334@warrior.kableu.com> <20050202070820.GA26302@warrior.kableu.com> <20050203210643.T47315@carver.gumbysoft.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="HcAYCG3uE/tztfnV" Content-Disposition: inline In-Reply-To: <20050203210643.T47315@carver.gumbysoft.com> User-Agent: Mutt/1.4.2.1i cc: freebsd-stable@freebsd.org Subject: Re: 5.3 -> 5 : sshd multiple log entries & login_getclass: unknown class 'root' X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Feb 2005 06:12:47 -0000 --HcAYCG3uE/tztfnV Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 03, 2005 at 09:11:07PM -0800, Doug White wrote: > On Tue, 1 Feb 2005, Andrew Konstantinov wrote: >=20 > > > > I can't reproduce this on my systems, many of which started at 5.3 = and now > > > > build 5-stable. Are you using the system ssh or one you built from= ports? > > > > > > > > What is the output of 'ls -l /etc/login.conf*'? > > > > I knew I wasn't hallucinating. When I rebuild and reinstall src/lib/libc > > from RELENG_5_3 sources on RELENG_5 system, all of the above problems > > disappear altogether. The bugs are in the dynamically linked library > > that sshd relies on. Once the new library is in place and > > "/etc/rc.d/sshd restart" is performed, the bugs disappear. I don't have > > time to dig into that right now, but I'll be back with patches. >=20 > The simple fact stands that noone else can reproduce this, which leads me > to believe you took a non-standard approach to upgrading, and therefore > are getting what you asked for. :-) >=20 > If you can provide exact reproduction steps, starting from bare metal, > I'll follow them. No algorithm for reproduction yet, but here is some additional information regarding this issue: First of all, I just rebuild everything in the system twice, following the proper sequence each time. Here are the steps I've taken: - cvsup /usr/src with RELENG_5 - cd /usr/src && make buildworld buildkernel installkernel - reboot into single user mode - mount all - cd /usr/src && make installworld - mergemaster - find /bin /sbin /lib /libexec /usr/bin /usr/sbin /usr/lib /usr/libexec \ /usr/libdata /usr/include -ctime +1d -exec rm -rf {} \; - reboot - rm -rf /usr/include/* - cd /usr/src && make includes - cd /usr/src && make buildworld buildkernel installkernel - reboot into single user mode - mount all - cd /usr/src && make installworld - mergemaster - find /bin /sbin /lib /libexec /usr/bin /usr/sbin /usr/lib /usr/libexec \ /usr/libdata /usr/include -ctime +1d -exec rm -rf {} \; - reboot That sequence of steps should guarantee that none of the old libraries or o= ld includes in the /usr/include find their way into the upgraded system. Sadly, this didn't change anything. The other important thing that I've noticed is that when I set UsePrivilegeSeparation in sshd_config to "no", all those bugs disappear. I'll try to come up with a recipe for reproduction once I have enough time. Andrew --HcAYCG3uE/tztfnV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCBbVdg+6MtxSjexcRAgogAKCPgmJGSUFK7k8XQ4UY72SkhPCRjACgk2hP NSxlXWw9gFbAkeDSYm72T4g= =4rFk -----END PGP SIGNATURE----- --HcAYCG3uE/tztfnV--