Bug#367993: openssh-server: /etc/init.d/ssh start does not signal error for UID > 0
Package: openssh-server
Version: 1:4.3p2-1
Severity: normal
DESCRIPTION
foo@host:~$ /etc/init.d/ssh start
foo@host:~$ echo $?
0
foo@host:~$ id -a
uid=1000(foo) gid=1000(foo) groups=44(video),1000(foo)
SUGGESTION
The service start script
1) Should return error (cannot commence any command non-root)
2) Display error message, that user does not have privileges
to run the command
Add error checking to the service script. Compare this to
foo@host:~$ /etc/init.d/shorewall stop; echo $?
You must be root to start, stop or restart "Shorewall firewall".
1
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)
Versions of packages openssh-server depends on:
ii adduser 3.87 Add and remove users and groups
ii debconf [debc 1.5.1 Debian configuration management sy
ii dpkg 1.13.19 package maintenance system for Deb
ii libc6 2.3.6-7 GNU C Library: Shared libraries
ii libcomerr2 1.38+1.39-WIP-2006.04.09-2 common error description library
ii libkrb53 1.4.3-7 MIT Kerberos runtime libraries
ii libpam-module 0.79-3.1 Pluggable Authentication Modules f
ii libpam-runtim 0.79-3.1 Runtime support for the PAM librar
ii libpam0g 0.79-3.1 Pluggable Authentication Modules l
ii libselinux1 1.30-1 SELinux shared libraries
ii libssl0.9.8 0.9.8b-2 SSL shared libraries
ii libwrap0 7.6.dbs-9 Wietse Venema's TCP wrappers libra
ii openssh-clien 1:4.3p2-1 Secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3-11 compression library - runtime
openssh-server recommends no packages.
Reply to: