Free Downloads, Community Forum,
FAQs and Developer Resources


Make /Tools Your Home | Link to us

Today's posts | Posts since last visit | Most Active Topics

All Forums Register Login Search Subscriptions My Profile Inbox
Tool Warehouse FAQs Resources Help Member List Address Book Logout

New openssh is broken

 
Logged in as: Guest
Users viewing this topic: none
  Printable Version
All Forums >> [SFU / Interix / SUA Technology] >> Interix Advanced Forum >> New openssh is broken Page: [1]
Login
Message << Older Topic   Newer Topic >>
New openssh is broken - Apr. 10, '06, 7:38:32 AM   
steveh

 

Posts: 195
Joined: Jan. 23, '04,
Status: offline
After updating to the latest version of openssh mentioned here:
http://www.interopsystems.com/tools/tm.aspx?m=8669

I have the following problems:
1. rc scripts no longer work, on stop the pid is not found.
2. remote login no longer works.

I'm currently investigating #2 and will report more when I have it but wanted to left people know.
Post #: 1
RE: New openssh is broken - Apr. 10, '06, 8:37:43 AM   
steveh

 

Posts: 195
Joined: Jan. 23, '04,
Status: offline
ok #2 solved starting sshd from the cmd line doesnt seem to work. A full reboot after upgrade has restored functionaility.

(in reply to steveh)
Post #: 2
RE: New openssh is broken - Apr. 10, '06, 12:43:13 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
For #2 were you installing as local "Administrator" or as a user in the "administrators" group ?

For #1: 'rc' scripts are usually only run at startup/boot. Which script exactly were you
trying to run and with what args?

(in reply to steveh)
Post #: 3
RE: New openssh is broken - Apr. 10, '06, 12:55:11 PM   
steveh

 

Posts: 195
Joined: Jan. 23, '04,
Status: offline
Administrators group.
After running the pkg_update sshd was not running so I tried to run:
/etc/rc2.d/S32sshd start
This did start but when I had issues I ran:
/etc/rc2.d/S32sshd stop
Which couldnt find the pid. Now I know the reboot cured the problem it was more than likely due to .pid file not being writeable by the current user.

A bit too used to all rc working from the command line from unix. Just one of those gotchas I suppose. Something to add the post scripts "To restore sshd you may need to reboot now!"

(in reply to Rodney)
Post #: 4
RE: New openssh is broken - Apr. 10, '06, 1:35:54 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
The daemon sshd must run as local administrator.
This account has the "root" power that's needed -- no other account will do.
When the system is reboot the daemon gets started with the correct user (local administrator).

There used to be a message about rebooting. Seems to have gone AWOL. I'll add it back.

(in reply to steveh)
Post #: 5
RE: New openssh is broken - Apr. 10, '06, 1:51:13 PM   
steveh

 

Posts: 195
Joined: Jan. 23, '04,
Status: offline
Makes sence :)

(in reply to Rodney)
Post #: 6
RE: New openssh is broken - Apr. 18, '06, 12:22:55 PM   
Ron

 

Posts: 77
Joined: May 21, '03,
Status: offline
To more easily restart ssh I do the following...

First set up the shutdown script for sshd (Rodney, perhaps you could get the pkg install to do this?)
Do this once:
ln -s ../init.d/sshd /etc/rc2.d/K60sshd



Then to restart ssh you would run this command twice:
kill -HUP <pid of init>


The first time will cause init to run the shutdown scripts, the second time will cause init to run the startup scripts. Tah-dah, no reboot!

< Message edited by Ron -- Apr. 18, '06, 12:25:43 PM >

(in reply to steveh)
Post #: 7
RE: New openssh is broken - Apr. 18, '06, 12:32:36 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
Yes, I can add that.
Though it will be K68 to keep the matching location of S32.

< Message edited by Rodney -- Apr. 18, '06, 12:38:01 PM >

(in reply to Ron)
Post #: 8
RE: New openssh is broken - Apr. 18, '06, 2:12:07 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
> kill -HUP <pid of init>

I'm just testing the addition of this.
You need to allow for enough time between the HUP's so that all are stopped.

As a side note: to make getting the "init" PID easier in the future I've modified
the init code to put it's PID in /var/run (like all good daemons should ).
This will appear in a future release of SUA's utilities (no, I don't know when
that will be since that's MS).

(in reply to Rodney)
Post #: 9
RE: New openssh is broken - Apr. 18, '06, 2:20:23 PM   
Ron

 

Posts: 77
Joined: May 21, '03,
Status: offline
Sorry, I should have explained myself a bit more. I wouldn't make the init restart as part of a pkg_update or pkg_add since it'll also shutdown every other rc2.d process. But perhaps the user could be prompted to see if they want to go ahead with restarting init (with a big fat warning), but the default would be to not restart init.

Thanks for adding the init pid, that would be helpfull.

(in reply to Rodney)
Post #: 10
RE: New openssh is broken - Apr. 18, '06, 3:02:45 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
Agreed about init restart.
I'm pondering about extending "init" to take signal USR1 as a message
to start any new scripts that have appeared since the last "start cycle".
I'm not doing this today. Just thinking about it.

Comments welcome from anyone here or in e-mail.
This is one of those chances to influence the future of the utilities for SUA/5.2/6.0.

(in reply to Ron)
Post #: 11
RE: New openssh is broken - Apr. 18, '06, 3:14:06 PM   
Ron

 

Posts: 77
Joined: May 21, '03,
Status: offline
That would be neat. A more direct action may be preferable where you could specify the init.d or rc2.d script, but that may not be possible via signals.

Perhaps it should be a completly different command or script. I'm thinking of something like the 'service' script in Linux where you would:
service sshd restart
-or-
service sshd stop
service sshd start


Take note that this is different from the Interix 'service' command. And we'd probably need SUID enabled for that though.

< Message edited by Ron -- Apr. 18, '06, 3:16:27 PM >

(in reply to Rodney)
Post #: 12
RE: New openssh is broken - Apr. 18, '06, 5:09:17 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
>That would be neat. A more direct action may be preferable where you could specify the init.d or rc2.d script, but that may not be >possible via signals.

You can't do that with a signal.

(in reply to Ron)
Post #: 13
RE: New openssh is broken - Apr. 19, '06, 10:28:06 AM   
woehlkmp

 

Posts: 102
Status: offline
I was thinking about Ron's idea (post #12)... especially with SUA and mixed-mode applications, would it be possible to do something like this using IPC? In other words, 'initsvc sshd start' (making up a new name here since 'service' is taken) would send an IPC to init that gave it a target and an action ('sshd' and 'start', in this example).

(in reply to Rodney)
Post #: 14
RE: New openssh is broken - Apr. 19, '06, 12:42:25 PM   
Rodney

 

Posts: 3714
Joined: Jul. 9, '02,
From: /Tools lab
Status: offline
The nice thing about a signal is that only authorized processes can send a signal
to any particular process. So a process running as "joe_user" can have signals
sent to it by joe_user and Administrator but not jane_user. The signals are also
restricted to within the machine.

IPC as an AF_INET socket is not a good idea because this could be attacked by
an external source (DoS attack). So AF_UNIX or a FIFO is best to avoid an external
attack. Could open to a local attack or unauthorized access/request if the file
permissions aren't set right (must be careful there). The data stream can have
whatever you want in it of course.

Another method would be a "drop-zone" file combined with a signal. The file has the
specific information that gets read when a special signal arrives. Still an IPC,
but different. Cron works like this.

(in reply to woehlkmp)
Post #: 15
Page:   [1]
All Forums >> [SFU / Interix / SUA Technology] >> Interix Advanced Forum >> New openssh is broken Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Search All Forums -

Advanced search


SPONSORS



Forum Software © ASPPlayground.NET Advanced Edition 2.5 ANSI

0.063