Date: Wed, 5 Feb 2014 08:51:51 +0100 From: Dimitry Andric <dim@FreeBSD.org> To: Vladimir Sharun <sharun@ukr.net> Cc: Ian FREISLICH <ianf@clue.co.za>, current@freebsd.org Subject: Re: sshd sandbox failure Message-ID: <843FE764-A432-497D-AAC7-D06FB71AF57D@FreeBSD.org> In-Reply-To: <1391504775.87254301.zmbcoto6@frv45.fwdcdn.com> References: <E1WAbIj-000GeW-ME@clue.co.za> <1391504775.87254301.zmbcoto6@frv45.fwdcdn.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_722A8017-1271-4AF7-97C1-44FB5B3AC044 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On 04 Feb 2014, at 10:08, Vladimir Sharun <sharun@ukr.net> wrote: > Seems it must be in UPDATING or even in the buildworld: without = capsicum framework support no ssh access to the server anymore. >=20 > I step in the same problem this weekend, thank to the IPMI on the home = testebed I figured out what's the cause. >>=20 >> Since the openssh update in recent -CURRENT, I get these in my >> auth.log until I disable sandbox UsePrivilegeSeparation in = sshd_config. >>=20 >> Feb 3 10:02:14 firewall1 sshd[90062]: fatal: ssh_sandbox_child: = failed to limit the network socket [preauth] >>=20 >> Is there something that I missed during the update? This was an oversight fixed by Pawel in r261499. Pawel, maybe you can add a special note to UPDATING for it? -Dimitry --Apple-Mail=_722A8017-1271-4AF7-97C1-44FB5B3AC044 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iEYEARECAAYFAlLx7ZsACgkQsF6jCi4glqNOPACePpTuFY9O1GaQtRuIxTN1bnNG Ix4AnjPWAmnoaCTL0VywMnR/EL++2xrE =QA82 -----END PGP SIGNATURE----- --Apple-Mail=_722A8017-1271-4AF7-97C1-44FB5B3AC044--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?843FE764-A432-497D-AAC7-D06FB71AF57D>