Hi Jan,
No, the problem was different: what I saw after update is the error mentioning
buffer_append_space ("buffer_append_space: len 1 not supported" and similar),
which should be related to the following bug that was fixed long time ago:
http://www.openssh.com/txt/buffer.adv
I was not able even to restart sshd on the machine where update was applied,
nor to ssh to some other machines that were not affected by the update and
have other Linux distros.
Now I see that new version of openssh (3.9p1-8.SL.3.22.i386) appeared last
evening. I tried it on one unsuspecting machine, and there were no problems,
so it seems that SL people has fixed whatever was wrong. I found this on one
of their mailing lists, which explains what happened:
http://listserv.fnal.gov/scripts/wa.exe?A2=ind0705&L=scientific-linux-users&T=0&P=11315
So, we need to be more careful with this...
Regards, Antun
-----
Antun Balaz
Research Assistant
E-mail: [log in to unmask]
Web: http://scl.phy.bg.ac.yu/
Phone: +381 11 3713152
Fax: +381 11 3162190
Scientific Computing Laboratory
Institute of Physics, Belgrade, Serbia
-----
---------- Original Message -----------
From: Jan Just Keijser <[log in to unmask]>
To: [log in to unmask]
Sent: Wed, 16 May 2007 08:15:42 +0200
Subject: Re: [LCG-ROLLOUT] Warning: new openssh - do not install!
> Hi Antun,
>
> I ran into this problem last October (with
> openssh-server-3.9p1-8.SL.3.18.i386.rpm, also from the 'contrib'
> region); the problem is that this version of openssh installs a file
> /etc/pam.d/sshd which points to a non existing pam_loginuid.so file.
> Thus, pam-enabled logins were broken after installing this RPM. Is
> this what you are seeing as well? At the time I contact the SL
> repository author and he removed the offending RPM from the
> repository. I will contact him again if this particular bug has resurfaced.
>
> cheers,
>
> Jan Just Keijser
> System Integrator
> NIKHEF
> Amsterdam
>
> Antun Balaz wrote:o
> > Hi,
> >
> > Do not install the latest openssh (3.9p1-8.SL.3.21.i386 for SL3.x or
> > 3.9p1-8.SL.4.21.i386 for SL4.x) under any circumstances - it will break your
> > sshd so that you will not be able to start it again! I just had this pleasant
> > experience on several machines, and had to force installation of the previous
> > version which works OK.
> >
> > If anybody has any further details, it will be appreciated.
> >
> > The new RPMs reside in the contrib part of SL apt repository, and they created
> > many problems in the past. For this reason I removed contrib repository from
> > /etc/apt/sources.list.d/sl.list on all nodes, and would warmly recommend this
> > to all of you... This repository can be included and RPMs there installed just
> > if you know what are you doing.
> >
> >
> >
------- End of Original Message -------
|