Date: Sun, 3 Nov 2002 20:49:02 +0100
From: Alexander Leidinger
To: current@freebsd.org
Cc: markus@openbsd.org, des@freebsd.org
Subject: ssh-agent broken with pam_ssh for xdm (+ fix for ssh-agent.c)
Message-Id: <20021103204902.3c6b3705.Alexander@Leidinger.net>

Hi,

[Markus: this is on FreeBSD-current with
$OpenBSD: ssh-agent.c,v 1.105 2002/10/01 20:34:12 markus Exp $]

I use pam_ssh in pam.d/xdm and after an update to today's -current, it
doesn't add my key anymore. In /var/log/messages I see the following if
I try a "ssh-add -l":
---snip---
ssh-agent[6438]: error: uid mismatch: peer euid 1000 != uid 0
---snip---

ssh-agent.c:after_select() contains:
---snip---
if ((euid != 0) && (getuid() != euid)) {
	error("uid mismatch: "
	    "peer euid %u != uid %u",
	    (u_int) euid, (u_int) getuid());
	close(sock);
	break;
}
---snip---

As ssh_agent gets started from pam_ssh in xdm (which runs as root ->
getuid() = 0, geteuid() = 1000), it is obvious why it doesn't work.

At the moment I have this piece of code commented out, but I think this
should get changed to use geteuid() instead of getuid(). Or did I
misunderstand the idea behind the above code?

Bye,
Alexander.

-- 
Loose bits sink chips.
http://www.Leidinger.net Alexander @ Leidinger.net
GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7