From owner-freebsd-stable  Fri Feb  7  6:49:30 2003
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A209F37B401
	for <stable@freebsd.org>; Fri,  7 Feb 2003 06:49:28 -0800 (PST)
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5921C43FBF
	for <stable@freebsd.org>; Fri,  7 Feb 2003 06:49:27 -0800 (PST)
	(envelope-from des@ofug.org)
Received: by flood.ping.uio.no (Postfix, from userid 2602)
	id 7B057536E; Fri,  7 Feb 2003 15:49:24 +0100 (CET)
X-URL: http://www.ofug.org/~des/
X-Disclaimer: The views expressed in this message do not necessarily
  coincide with those of any organisation or company with
  which I am or have been affiliated.
To: stable@freebsd.org
Subject: Re: Problems with pam_ssh(8) and ssh-agent(1) after the OpenSSH
 upgrade
From: Dag-Erling Smorgrav <des@ofug.org>
Date: Fri, 07 Feb 2003 15:49:24 +0100
In-Reply-To: <xzpk7gcplrh.fsf@flood.ping.uio.no> (Dag-Erling Smorgrav's
 message of "Fri, 07 Feb 2003 08:56:02 +0100")
Message-ID: <xzpk7gcno23.fsf@flood.ping.uio.no>
User-Agent: Gnus/5.090014 (Oort Gnus v0.14) Emacs/21.2 (i386--freebsd)
References: <xzpk7gcplrh.fsf@flood.ping.uio.no>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

Dag-Erling Smorgrav <des@ofug.org> writes:
> As some of you have already noticed and reported, ssh-agent doesn't
> work quite right when spawned by pam_ssh after the OpenSSH upgrade
> earlier this week.

Could somebody experiencing this problem please test the following
patch:

Index: ssh-agent.c
===================================================================
RCS file: /home/ncvs/src/crypto/openssh/ssh-agent.c,v
retrieving revision 1.16
diff -u -u -r1.16 ssh-agent.c
--- ssh-agent.c   29 Oct 2002 10:16:02 -0000    1.16
+++ ssh-agent.c   7 Feb 2003 07:09:47 -0000
@@ -955,6 +955,7 @@
   /* drop */
   setegid(getgid());
   setgid(getgid());
+  setuid(geteuid());
 
        SSLeay_add_all_algorithms();
 

After applying it, rebuild and reinstall ssh-agent as follows:

# cd /usr/src/secure/usr.bin/ssh-agent
# make && make install

DES
-- 
Dag-Erling Smorgrav - des@ofug.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message