Date:      Sat, 18 Jan 2003 09:05:49 -0500 (EST)
From:      Robert Watson <rwatson@FreeBSD.ORG>
To:        Andy Farkas <andyf@speednet.com.au>
Cc:        freebsd-current@FreeBSD.ORG
Subject:   Re: some 5.0 oddities
Message-ID:  <Pine.NEB.3.96L.1030118090335.67385D-100000@fledge.watson.org>
In-Reply-To: <20030118124305.L44035-100000@hewey.af.speednet.com.au>


On Sat, 18 Jan 2003, Andy Farkas wrote:

> Some observations of 5.0-RELEASE:
> 
> 1/ Every time I ssh to the box there are 4 connection attempts to UDP
> port 53 from itself, i.e.:
> 
> Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49205
> Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49206
> Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49207
> Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49208
> 
> I have log_in_vain="1" and /etc/resolv.conf points to 172.22.2.1 only. 

This occurs because there appear to be DNS lookups in the wrong "bit" of
sshd due to privilege separation.  Since the contained bit of sshd runs in
/var/empty, and there's no resolv.conf.  The work-arounds are to turn off
login_in_vain, turn off privilege-separation, to put a resolv.conf in
/var/empty/etc, or to ignore it.  Not sure what the fix is.  :-)

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories
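
For anyone who chooses the "ignore it" option, the following is an added example (not part of the original message and not FreeBSD code) that triages log_in_vain lines, separating self-originated UDP port 53 lookups like those quoted above from attempts that come from other hosts. The function names are hypothetical, the last two sample lines are constructed, and the trailing `flags:` field on the TCP line is an assumption about that message format.

```python
import re
from collections import Counter

# Kernel log_in_vain message layout, taken from the lines quoted in the thread.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+(?:<[\w.]+>\s+)?(?P<host>\S+)\s+kernel:\s+"
    r"Connection attempt to (?P<proto>UDP|TCP)\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+from\s+(?P<src>[\d.]+):(?P<sport>\d+)"
)

def parse_line(line):
    """Return a dict for a log_in_vain line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["dport"] = int(rec["dport"])
    rec["sport"] = int(rec["sport"])
    return rec

def triage(lines):
    """Split records into self-originated DNS lookups and everything else."""
    self_dns = Counter()  # (host, timestamp) -> number of lookups in that second
    other = []            # attempts that still deserve a look
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        # Same address on both ends, UDP, port 53: the box querying itself.
        if rec["proto"] == "UDP" and rec["dport"] == 53 and rec["src"] == rec["dst"]:
            self_dns[(rec["host"], rec["ts"])] += 1
        else:
            other.append(rec)
    return self_dns, other

SAMPLE = [
    "Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49205",
    "Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49206",
    "Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49207",
    "Jan 18 12:45:17 <kern.info> team2 kernel: Connection attempt to UDP 172.22.2.12:53 from 172.22.2.12:49208",
    # Constructed: an attempt from another host (documentation address range).
    "Jan 18 12:46:02 <kern.info> team2 kernel: Connection attempt to TCP 172.22.2.12:23 from 192.0.2.77:40112 flags:0x02",
    # Constructed: a non-kernel line that must be skipped.
    "Jan 18 12:46:05 <auth.info> team2 sshd[412]: unrelated message",
]

if __name__ == "__main__":
    bursts, remaining = triage(SAMPLE)
    for (host, ts), n in bursts.items():
        print(f"{ts} {host}: {n} self-originated DNS lookups")
    for rec in remaining:
        print(f"{rec['ts']} {rec['proto']} {rec['src']} -> {rec['dst']}:{rec['dport']}")
```
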

