About this list Date view Thread view Subject view Author view Attachment view

From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Thu 18 Sep 2003 - 22:53:34 BST


On Thu, Sep 18, 2003 at 11:04:19PM +0200, Dariush Pietrzak wrote:
> Hi,
> I don't understand what's going on with my systems.. I have few
> development vservers on my workstation, few of them run sshd...
> Lately one of them broke down - when you try to log in, it disconnects
> immediately after checking the password, sshd -d looks like this:
> debug1: Allocating pty.
> debug1: session_new: init
> debug1: session_new: session 0
> debug1: session_pty_req: session 0 alloc /dev/pts/22
> debug1: server_input_channel_req: channel 0 request shell reply 0
> debug1: session_by_channel: session 0 channel 0
> debug1: session_input_channel_req: session 0 req shell
> debug1: PAM setting tty to "/dev/pts/22"
> PAM session setup failed[6]: Permission denied
> debug1: Calling cleanup 0x8058180(0x808a400)
> debug1: session_by_tty: session 0 tty /dev/pts/22
> debug1: session_pty_cleanup: session 0 release /dev/pts/22

hmm, interesting, sounds like a bug to me,
but why wasn't it detected earlier?

by the way, which kernel, and patches?

> Why that happens?
> And why didn't it happen earlier? And still not happening on other
> vservers?

good question ...

try to find out what are the permissions of
/dev/pts/22 ...

> How does vservers mount /dev/pts and other things? I can't mount
> stuff from inside when I do it by hand.

that stuff is mounted from outside, in the
startup scripts (vserver <name> start) ...

with CAP_SYS_ADMIN you are allowed to do mounts
inside the vserver ... but it _is_ a security hole ...

HTH,
Herbert

> regards,
> --
> Mayoi komuno wa Usuyami no sekai, Dariush Pietrzak
> Key fingerprint = 40D0 9FFB 9939 7320 8294 05E0 BCC7 02C4 75CC 50D9


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 18 Sep 2003 - 23:16:22 BST by hypermail 2.1.3