From: Herbert Poetzl (herbert_at_13thfloor.at)
Date: Wed 27 Apr 2005 - 23:24:29 BST
On Wed, Apr 27, 2005 at 10:57:31PM +0200, Arjen wrote:
> On 27/4/05 10:13 pm, "Herbert Poetzl" <herbert_at_13thfloor.at> wrote:
> > On Wed, Apr 27, 2005 at 08:05:20PM +0200, Arjen wrote:
> >> On 27/4/05 7:54 pm, "Herbert Poetzl" <herbert_at_13thfloor.at> wrote:
> >>
> >> I guess you found the full output by now, I send it to you directly (too big
> >> for the list) but for the interested readers,
> >>
> >>> what does the following give (inside the vserver)
> >>>
> >>> ls -la /dev/tty
> >>
> >> $ ls -al /dev/tty*
> >> crw-rw---- 1 root tty 5, 0 Mar 4 14:39 /dev/tty
> >> crw------- 1 root tty 4, 0 Mar 4 14:39 /dev/tty0
> >> crw-rw---- 1 root tty 4, 1 Mar 4 14:39 /dev/tty1
> >> crw-rw---- 1 root tty 4, 10 Mar 4 14:39 /dev/tty10
> >> crw-rw---- 1 root tty 4, 11 Mar 4 14:39 /dev/tty11
> >> crw------- 1 root root 4, 12 Apr 27 19:20 /dev/tty12
> >> crw-rw---- 1 root tty 4, 13 Mar 4 14:39 /dev/tty13
> >> crw-rw---- 1 root tty 4, 14 Mar 4 14:39 /dev/tty14
> >> crw-rw---- 1 root tty 4, 15 Mar 4 14:39 /dev/tty15
> >> crw-rw---- 1 root tty 4, 16 Mar 4 14:39 /dev/tty16
> >> crw-rw---- 1 root tty 4, 17 Mar 4 14:39 /dev/tty17
> >> crw-rw---- 1 root tty 4, 18 Mar 4 14:39 /dev/tty18
> >> crw-rw---- 1 root tty 4, 19 Mar 4 14:39 /dev/tty19
> >> crw-rw---- 1 root tty 4, 2 Mar 4 14:39 /dev/tty2
> >> crw-rw---- 1 root tty 4, 20 Mar 4 14:39 /dev/tty20
> >
> > interesting, how did all this stuff get into your guest?
>
> Following http://dev.gentoo.org/~hollow/vserver/guide/
>
> > don't remember what the issue was (because you removed
> > the context) but check if whatever fails is in the tty
> > group and/or if you really want /dev/tty to have thise
> > permissions and/or if you really want/need /dev/tty at
> > all ...
>
> Sorry about that, he issue was,
> Last lines of: strace ssh germ:
>
> open("/etc/ssh/ssh_known_hosts", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/dev/tty", O_RDWR) = -1 EACCES (Permission denied)
> open("/dev/tty", O_RDWR) = -1 EACCES (Permission denied)
check that your use is in the tty group, as your
last list showed
crw-rw---- 1 root tty 5, 0 Apr 22 03:11 /dev/tty
> write(2, "Host key verification failed.\r\n", 31Host key verification
> failed.
> ) = 31
> exit_group(255) = ?
>
> All my vservers are like this, unlike the host, which is correct I guess:
>
> crw-rw-rw- 1 root tty 5, 0 Apr 22 03:11 /dev/tty
> lrwxrwxrwx 1 root root 4 Apr 22 03:11 /dev/tty0 -> vc/0
> lrwxrwxrwx 1 root root 4 Apr 22 03:11 /dev/tty1 -> vc/1
> lrwxrwxrwx 1 root root 5 Apr 22 03:11 /dev/tty10 -> vc/10
> lrwxrwxrwx 1 root root 5 Apr 22 03:11 /dev/tty11 -> vc/11
> lrwxrwxrwx 1 root root 5 Apr 22 03:11 /dev/tty12 -> vc/12
> lrwxrwxrwx 1 root root 5 Apr 22 03:11 /dev/tty13 -> vc/13
> lrwxrwxrwx 1 root root 5 Apr 22 03:11 /dev/tty14 -> vc/14
> lrwxrwxrwx 1 root root 5 Apr 22 03:11 /dev/tty15 -> vc/15
> etc
well, a vserver guest's /dev should not contain more than
the following entries (if it does, then the server is
insecure and should not be used ...)
full log= null ptmx pts/ random urandom zero
and maybe entries for hdv1, tty, console
HTH,
Herbert
PS: I'm on irc ...
> I'm not sure whats causing this .. I even think I installed host and
> vservers from the same tarball, could it be that some ebuild uses the
> (gentoo) vserver use-flag to do this somewhere during install of a vserver?
>
> Confused!
> -Arjen
>
> > HTH,
> > Herbert
> >
> >>> and on the host:
> >>>
> >>> showattr /vservers/<name>/dev/tty
> >>>
> >> # showattr /vservers/midget/dev/tty
> >> ----ui- /vservers/midget/dev/tty
> >>
> >> HTH,
> >> -Arjen
> >>
> >>
> >> _______________________________________________
> >> Vserver mailing list
> >> Vserver_at_list.linux-vserver.org
> >> http://list.linux-vserver.org/mailman/listinfo/vserver
>
>
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver