[scponly] segfault when trying to connect

Kaleb Pederson kibab at icehouse.net
Tue Jul 31 19:35:54 EDT 2007 

Thanks for trying Tim.  I've attached a newer patch with some more debugging 
code... but in the process of looking at that code, I noticed that you used 
the following on the configure line:

--with-sftp-server=/usr/lib64/ssh/

You might want to make that --with-sftp-server=/usr/lib64/ssh/sftp-server, 
although even if that fixes the problem we still need to fix something so it 
doesn't segfault.

So,... can you try changing the above on the configure line and then try the 
attached patch?

You'll want to apply this patch slightly differently than the last one:

patch -p1 < debug3.patch

Thanks.

--Kaleb


On Tuesday 31 July 2007, Tim Donnelly wrote:
> Kaleb,
>
> Using the debug2.patch file I again was unable to login to the server,
> however this time I did not get the segfault, just a straight connection
> closed on the client machine.  I haven't been rebuilding the chroot jail
> after each recompile/install, is that something I need to do?
>
> The /var/log/messages output is below, and traces are at
> http://www.coalliance.org/public.
>
> Jul 31 10:01:02 tester sshd[605]: Accepted keyboard-interactive/pam for
> scponly from 208.178.237.10 port 54051 ssh2
> Jul 31 10:01:02 tester sshd[639]: subsystem request for sftp
> Jul 31 10:01:02 tester scponly[640]: chrooted binary in place, will
> chroot() Jul 31 10:01:02 tester scponly[640]: 3 arguments in total.
> Jul 31 10:01:02 tester scponly[640]:    arg 0 is scponlyc
> Jul 31 10:01:02 tester scponly[640]:    arg 1 is -c
> Jul 31 10:01:02 tester scponly[640]:    arg 2 is /usr/lib64/ssh/sftp-server
> Jul 31 10:01:02 tester scponly[640]: opened log at LOG_AUTHPRIV, opts
> 0x00000029
> Jul 31 10:01:02 tester scponly[640]: determined USER is "scponly" from
> environment
> Jul 31 10:01:02 tester scponly[640]: retrieved home directory of
> "/home/scponly" for user "scponly"
> Jul 31 10:01:02 tester scponly[640]: Looking at root_dir: /home/scponly
> Jul 31 10:01:02 tester scponly[640]: Looking at root_dir: /scponly
> Jul 31 10:01:02 tester scponly[640]: chrooting to dir: "/home/scponly"
> Jul 31 10:01:02 tester scponly[640]: chdiring to dir: "/"
> Jul 31 16:01:02 tester scponly[640]: setting uid to 1007
> Jul 31 16:01:02 tester scponly[640]: processing request:
> "/usr/lib64/ssh/sftp-server"
> Jul 31 16:01:02 tester scponly[640]: checking restrictive
> filenames(username: scponly(1007), IP/port: 208.178.237.10 54051 22)
> Jul 31 16:01:02 tester scponly[640]: building arg vector (username:
> scponly(1007), IP/port: 208.178.237.10 54051 22)
> Jul 31 16:01:02 tester scponly[640]: substituting known paths (username:
> scponly(1007), IP/port: 208.178.237.10 54051 22)
>
> -----Original Message-----
> From: Kaleb Pederson [mailto:kibab at icehouse.net]
> Sent: Wednesday, July 25, 2007 10:33 PM
> To: scponly at lists.ccs.neu.edu
> Cc: Tim Donnelly
> Subject: Re: [scponly] segfault when trying to connect
>
> Thanks for trying Tim.
>
> I have attached a patch that will hopefully help us figure out about where
> it's failing...
>
> Feel free to add in other debug code similar to what I have attached that
> might help us figure out where it's segfaulting.
>
> Thanks.
>
> --Kaleb
>
> On Tuesday 24 July 2007, Tim Donnelly wrote:
> > Kaleb,
> >
> > I installed the snapshot version from your post to the list dated Jul
> > 18 and got the same results.  Below I have pasted the
> > /var/log/messages output and the trace output is available at the same
> > location (www.coalliance.org/public).
> >
> > Jul 23 15:23:36 tester sshd[18661]: Accepted keyboard-interactive/pam
> > for scponly from 208.178.237.110 port 38253 ssh2 Jul 23 15:23:36
> > tester sshd[18664]: subsystem request for sftp Jul 23 15:23:36 tester
> > scponly[18665]: chrooted binary in place, will
> > chroot()
> > Jul 23 15:23:36 tester scponly[18665]: 3 arguments in total.
> > Jul 23 15:23:36 tester scponly[18665]:  arg 0 is scponlyc Jul 23
> > 15:23:36 tester scponly[18665]:  arg 1 is -c Jul 23 15:23:36 tester
> > scponly[18665]:  arg 2 is /usr/lib64/ssh/sftp-server Jul 23 15:23:36
> > tester scponly[18665]: opened log at LOG_AUTHPRIV, opts
> > 0x00000029
> > Jul 23 15:23:36 tester scponly[18665]: determined USER is "scponly"
> > from environment Jul 23 15:23:36 tester scponly[18665]: retrieved home
> > directory of "/home/scponly" for user "scponly"
> > Jul 23 15:23:36 tester scponly[18665]: Looking at root_dir:
> > /home/scponly Jul 23 15:23:36 tester scponly[18665]: Looking at
> > root_dir: /scponly Jul 23 15:23:36 tester scponly[18665]: chrooting to
>
> dir: "/home/scponly"
>
> > Jul 23 15:23:36 tester scponly[18665]: chdiring to dir: "/"
> > Jul 23 21:23:36 tester scponly[18665]: setting uid to 1007 Jul 23
> > 21:23:36 tester scponly[18665]: processing request:
> > "/usr/lib64/ssh/sftp-server"
> > Jul 23 15:23:36 tester kernel: scponlyc[18665]: segfault at
> > 0000000000402c89 rip 00002b8aa095d972 rsp 00007fff0a2a1df0 e rror 7
> >
> > Any ideas?
> >
> > -----Original Message-----
> > From: Kaleb Pederson [mailto:kibab at icehouse.net]
> > Sent: Friday, July 20, 2007 4:58 PM
> > To: scponly at lists.ccs.neu.edu
> > Cc: Tim Donnelly
> > Subject: Re: [scponly] segfault when trying to connect
> >
> > Thanks for the details Tim.
> >
> > Can you try the latest CVS or the version I linked to a couple of days
>
> ago?
>
> > I'm not aware of any prcoblems in that area, but I would like to know
> > that this is fixed or fix the problem before our next release.
> >
> > Thanks.
> >
> > --Kaleb
> >
> >
> > _______________________________________________
> > scponly mailing list
> > scponly at lists.ccs.neu.edu
> > https://lists.ccs.neu.edu/bin/listinfo/scponly
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly


-------------- next part --------------
A non-text attachment was scrubbed...
Name: debug3.patch
Type: text/x-diff
Size: 4020 bytes
Desc: not available
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070731/10db0e55/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : https://lists.ccs.neu.edu/pipermail/scponly/attachments/20070731/10db0e55/attachment-0001.bin

More information about the scponly mailing list