From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 18 Sep 2003 - 22:53:34 BST
On Thu, Sep 18, 2003 at 11:04:19PM +0200, Dariush Pietrzak wrote:
> I don't understand what's going on with my systems.. I have few
> development vservers on my workstation, few of them run sshd...
> Lately one of them broke down - when you try to log in, it disconnects
> immediately after checking the password, sshd -d looks like this:
> debug1: Allocating pty.
> debug1: session_new: init
> debug1: session_new: session 0
> debug1: session_pty_req: session 0 alloc /dev/pts/22
> debug1: server_input_channel_req: channel 0 request shell reply 0
> debug1: session_by_channel: session 0 channel 0
> debug1: session_input_channel_req: session 0 req shell
> debug1: PAM setting tty to "/dev/pts/22"
> PAM session setup failed: Permission denied
> debug1: Calling cleanup 0x8058180(0x808a400)
> debug1: session_by_tty: session 0 tty /dev/pts/22
> debug1: session_pty_cleanup: session 0 release /dev/pts/22
hmm, interesting, sounds like a bug to me,
but why wasn't it detected earlier?
by the way, which kernel, and patches?
> Why that happens?
> And why didn't it happen earlier? And still not happening on other
good question ...
try to find out what are the permissions of
> How does vservers mount /dev/pts and other things? I can't mount
> stuff from inside when I do it by hand.
that stuff is mounted from outside, in the
startup scripts (vserver <name> start) ...
with CAP_SYS_ADMIN you are allowed to do mounts
inside the vserver ... but it _is_ a security hole ...
> Mayoi komuno wa Usuyami no sekai, Dariush Pietrzak
> Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9