From owner-freebsd-security  Thu Jul 25 14:10:37 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EF30137B400
	for <freebsd-security@freebsd.org>; Thu, 25 Jul 2002 14:10:33 -0700 (PDT)
Received: from antalya.lupe-christoph.de (pD9E8887A.dip0.t-ipconnect.de [217.232.136.122])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DBE6643E31
	for <freebsd-security@freebsd.org>; Thu, 25 Jul 2002 14:10:32 -0700 (PDT)
	(envelope-from lupe@lupe-christoph.de)
Received: by antalya.lupe-christoph.de (Postfix, from userid 1000)
	id B775381B; Thu, 25 Jul 2002 23:10:29 +0200 (CEST)
Date: Thu, 25 Jul 2002 23:10:29 +0200
To: "Travis L. Leuthauser" <travis@bbipmail.com>
Cc: freebsd-security@freebsd.org
Subject: Re: Openssh-portable
Message-ID: <20020725211029.GB18063@lupe-christoph.de>
References: <20020725145327.A404@melusine.cuivre.fr.eu.org> <NEBBIGMCEDGDNFGOAAFLKEFLKGAA.travis@bbipmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <NEBBIGMCEDGDNFGOAAFLKEFLKGAA.travis@bbipmail.com>
User-Agent: Mutt/1.3.28i
From: lupe@lupe-christoph.de (Lupe Christoph)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Thursday, 2002-07-25 at 07:58:31 -0500, Travis L. Leuthauser wrote:
> As I understand, this is a known problem with openssh-portable when using
> privsep.  Apparently after initiating privsep, sshd attempts to read
> /etc/resolv.conf, which it can't since chrooted to /var/empty.  A workaround
> is to copy resolv.conf into /var/empty/etc.  The only problem w/ this is
> that /var/empty is intented to be empty.

If there is no (chroot)/etc/resolv.conf, the resolver will try
127.0.0.1. So if you run a local named, this will work.

HTH,
Lupe Christoph
-- 
| lupe@lupe-christoph.de       |           http://www.lupe-christoph.de/ |
| I have challenged the entire ISO-9000 quality assurance team to a      |
| Bat-Leth contest on the holodeck. They will not concern us again.      |
| http://public.logica.com/~stepneys/joke/klingon.htm                    |

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message