This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Does anyone have ssh problem with glibc 2.31?
- From: Rich Felker <dalias at libc dot org>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: "H.J. Lu" <hjl dot tools at gmail dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 14 Feb 2020 11:08:04 -0500
- Subject: Re: Does anyone have ssh problem with glibc 2.31?
- References: <CAMe9rOos7cA9k4+hkucG2XBX_SKH2DfbDc=4w=DvkMS+Suxm8A@mail.gmail.com> <874kvt2odw.fsf@oldenburg2.str.redhat.com>
On Fri, Feb 14, 2020 at 04:13:15PM +0100, Florian Weimer wrote:
> * H. J. Lu:
>
> > I got a report that ssh to localhost didn't work with glibc 2.31:
> >
> > $ ssh -vv test@localhost
> > verify journalctl for messages like
> > Feb 13 16:11:12 clr-c8ac6e4ce4c94ca4ac9188a967175ec3 sshd[297]: Server
> > listening on :: port 22.
> > Feb 13 16:11:59 clr-c8ac6e4ce4c94ca4ac9188a967175ec3 sshd[313]:
> > pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0
> > tty=ssh ruser= rhost=127.0.0.1 user=test
> >
> > They had to downgrade to glibc 2.30. Has anyone seen anything similar?
>
> It's seccomp-related. OpenSSH and systemd need updating.
Yes, OpenSSH is missing seccomp rules to allow the time64 versions of
some syscalls. I forget whether it only affects systems without vdso
or all (32-bit) systems. Adélie Linux already has a patch as part of
this commit:
https://code.foxkit.us/adelie/packages/commit/fc1725b12ffae83614d3792ec9a8fae764fa8213
Rich