[scponly] segfault when trying to connect

Kaleb Pederson kibab at icehouse.net
Wed Aug 1 21:05:29 EDT 2007 

Tim,

I was careless with that last patch, so it doesn't work :(.  I have attached a 
working patch.  This should be applied to the unpatched snapshot version as 
follows:

$ cd scponly-20070718
$ patch -p1 < debug3.patch

This one has been tested, so hopefully it will work for you and sorry for the 
trouble.

Thanks.

--Kaleb



On Tuesday 31 July 2007, Kaleb Pederson wrote:
> Thanks for trying Tim.  I've attached a newer patch with some more
> debugging code... but in the process of looking at that code, I noticed
> that you used the following on the configure line:
>
> --with-sftp-server=/usr/lib64/ssh/
>
> You might want to make that --with-sftp-server=/usr/lib64/ssh/sftp-server,
> although even if that fixes the problem we still need to fix something so
> it doesn't segfault.
>
> So,... can you try changing the above on the configure line and then try
> the attached patch?
>
> You'll want to apply this patch slightly differently than the last one:
>
> patch -p1 < debug3.patch
>
> Thanks.
>
> --Kaleb
>
> On Tuesday 31 July 2007, Tim Donnelly wrote:
> > Kaleb,
> >
> > Using the debug2.patch file I again was unable to login to the server,
> > however this time I did not get the segfault, just a straight connection
> > closed on the client machine.  I haven't been rebuilding the chroot jail
> > after each recompile/install, is that something I need to do?
> >
> > The /var/log/messages output is below, and traces are at
> > http://www.coalliance.org/public.
> >
> > Jul 31 10:01:02 tester sshd[605]: Accepted keyboard-interactive/pam for
> > scponly from 208.178.237.10 port 54051 ssh2
> > Jul 31 10:01:02 tester sshd[639]: subsystem request for sftp
> > Jul 31 10:01:02 tester scponly[640]: chrooted binary in place, will
> > chroot() Jul 31 10:01:02 tester scponly[640]: 3 arguments in total.
> > Jul 31 10:01:02 tester scponly[640]:    arg 0 is scponlyc
> > Jul 31 10:01:02 tester scponly[640]:    arg 1 is -c
> > Jul 31 10:01:02 tester scponly[640]:    arg 2 is
> > /usr/lib64/ssh/sftp-server Jul 31 10:01:02 tester scponly[640]: opened
> > log at LOG_AUTHPRIV, opts 0x00000029
> > Jul 31 10:01:02 tester scponly[640]: determined USER is "scponly" from
> > environment
> > Jul 31 10:01:02 tester scponly[640]: retrieved home directory of
> > "/home/scponly" for user "scponly"
> > Jul 31 10:01:02 tester scponly[640]: Looking at root_dir: /home/scponly
> > Jul 31 10:01:02 tester scponly[640]: Looking at root_dir: /scponly
> > Jul 31 10:01:02 tester scponly[640]: chrooting to dir: "/home/scponly"
> > Jul 31 10:01:02 tester scponly[640]: chdiring to dir: "/"
> > Jul 31 16:01:02 tester scponly[640]: setting uid to 1007
> > Jul 31 16:01:02 tester scponly[640]: processing request:
> > "/usr/lib64/ssh/sftp-server"
> > Jul 31 16:01:02 tester scponly[640]: checking restrictive
> > filenames(username: scponly(1007), IP/port: 208.178.237.10 54051 22)
> > Jul 31 16:01:02 tester scponly[640]: building arg vector (username:
> > scponly(1007), IP/port: 208.178.237.10 54051 22)
> > Jul 31 16:01:02 tester scponly[640]: substituting known paths (username:
> > scponly(1007), IP/port: 208.178.237.10 54051 22)
> >
> > -----Original Message-----
> > From: Kaleb Pederson [mailto:kibab at icehouse.net]
> > Sent: Wednesday, July 25, 2007 10:33 PM
> > To: scponly at lists.ccs.neu.edu
> > Cc: Tim Donnelly
> > Subject: Re: [scponly] segfault when trying to connect
> >
> > Thanks for trying Tim.
> >
> > I have attached a patch that will hopefully help us figure out about
> > where it's failing...
> >
> > Feel free to add in other debug code similar to what I have attached that
> > might help us figure out where it's segfaulting.
> >
> > Thanks.
> >
> > --Kaleb
> >
> > On Tuesday 24 July 2007, Tim Donnelly wrote:
> > > Kaleb,
> > >
> > > I installed the snapshot version from your post to the list dated Jul
> > > 18 and got the same results.  Below I have pasted the
> > > /var/log/messages output and the trace output is available at the same
> > > location (www.coalliance.org/public).
> > >
> > > Jul 23 15:23:36 tester sshd[18661]: Accepted keyboard-interactive/pam
> > > for scponly from 208.178.237.110 port 38253 ssh2 Jul 23 15:23:36
> > > tester sshd[18664]: subsystem request for sftp Jul 23 15:23:36 tester
> > > scponly[18665]: chrooted binary in place, will
> > > chroot()
> > > Jul 23 15:23:36 tester scponly[18665]: 3 arguments in total.
> > > Jul 23 15:23:36 tester scponly[18665]:  arg 0 is scponlyc Jul 23
> > > 15:23:36 tester scponly[18665]:  arg 1 is -c Jul 23 15:23:36 tester
> > > scponly[18665]:  arg 2 is /usr/lib64/ssh/sftp-server Jul 23 15:23:36
> > > tester scponly[18665]: opened log at LOG_AUTHPRIV, opts
> > > 0x00000029
> > > Jul 23 15:23:36 tester scponly[18665]: determined USER is "scponly"
> > > from environment Jul 23 15:23:36 tester scponly[18665]: retrieved home
> > > directory of "/home/scponly" for user "scponly"
> > > Jul 23 15:23:36 tester scponly[18665]: Looking at root_dir:
> > > /home/scponly Jul 23 15:23:36 tester scponly[18665]: Looking at
> > > root_dir: /scponly Jul 23 15:23:36 tester scponly[18665]: chrooting to
> >
> > dir: "/home/scponly"
> >
> > > Jul 23 15:23:36 tester scponly[18665]: chdiring to dir: "/"
> > > Jul 23 21:23:36 tester scponly[18665]: setting uid to 1007 Jul 23
> > > 21:23:36 tester scponly[18665]: processing request:
> > > "/usr/lib64/ssh/sftp-server"
> > > Jul 23 15:23:36 tester kernel: scponlyc[18665]: segfault at
> > > 0000000000402c89 rip 00002b8aa095d972 rsp 00007fff0a2a1df0 e rror 7
> > >
> > > Any ideas?
> > >
> > > -----Original Message-----
> > > From: Kaleb Pederson [mailto:kibab at icehouse.net]
> > > Sent: Friday, July 20, 2007 4:58 PM
> > > To: scponly at lists.ccs.neu.edu
> > > Cc: Tim Donnelly
> > > Subject: Re: [scponly] segfault when trying to connect
> > >
> > > Thanks for the details Tim.
> > >
> > > Can you try the latest CVS or the version I linked to a couple of days
> >
> > ago?
> >
> > > I'm not aware of any prcoblems in that area, but I would like to know
> > > that this is fixed or fix the problem before our next release.
> > >
> > > Thanks.
> > >
> > > --Kaleb
> > >
> > >
> > > _______________________________________________
> > > scponly mailing list
> > > scponly at lists.ccs.neu.edu
> > > https://lists.ccs.neu.edu/bin/listinfo/scponly
> >
> > _______________________________________________
> > scponly mailing list
> > scponly at lists.ccs.neu.edu
> > https://lists.ccs.neu.edu/bin/listinfo/scponly


-------------- next part --------------
A non-text attachment was scrubbed...
Name: debug3.patch
Type: text/x-diff
Size: 3464 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070801/d8e5c511/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070801/d8e5c511/attachment-0001.bin

More information about the scponly mailing list