Bug#481647: marked as done (sshd: does not execute .profile when command is specified)
Your message dated Sun, 25 May 2008 22:26:01 +0100
with message-id <20080525212601.GX16645@riva.ucam.org>
and subject line Re: Bug#481647: sshd: does not execute .profile when command is specified
has caused the Debian Bug report #481647,
regarding sshd: does not execute .profile when command is specified
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
481647: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481647
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: openssh-server
Version: 1:4.7p1-8
Severity: normal
I recently upgraded my lenny system with the latest openssh-server and all my
remote invocation scripts broke!
It seems that sshd no longer sources the user's .profile before executing a
command. This means that, for example, there is now a difference between:
ssh somewhere
# command
and
ssh somewhere command
I do not believe that this can be related to the PermitUserEnvironment change as
that change happened some time ago and the man page for sshd_config does not
mention that this has any effect on .profile. Also, .bashrc is still sourced
so there is no possible security benefit to the change.
If this change is, for some reason, deliberate, it should be described in a
NEWS item as it breaks scripts for invoking commands on remote systems using
ssh.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (900, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_IE@euro, LC_CTYPE=en_IE@euro (charmap=ISO-8859-15) (ignored: LC_ALL set to en_IE@euro)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-server depends on:
ii adduser 3.107 add and remove users and groups
ii debconf [debconf-2.0] 1.5.21 Debian configuration management sy
ii dpkg 1.14.18 package maintenance system for Deb
ii libc6 2.7-10 GNU C Library: Shared libraries
ii libcomerr2 1.40.8-2 common error description library
ii libkrb53 1.6.dfsg.3~beta1-4 MIT Kerberos runtime libraries
ii libpam-modules 0.99.7.1-6 Pluggable Authentication Modules f
ii libpam-runtime 0.99.7.1-6 Runtime support for the PAM librar
ii libpam0g 0.99.7.1-6 Pluggable Authentication Modules l
ii libselinux1 2.0.59-1 SELinux shared libraries
ii libssl0.9.8 0.9.8g-10 SSL shared libraries
ii libwrap0 7.6.q-15 Wietse Venema's TCP wrappers libra
ii lsb-base 3.2-11 Linux Standard Base 3.2 init scrip
ii openssh-client 1:4.7p1-8 secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages openssh-server recommends:
ii xauth 1:1.0.3-1 X authentication utility
-- debconf information:
ssh/insecure_rshd:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/disable_cr_auth: false
ssh/encrypted_host_key_but_no_keygen:
--- End Message ---
--- Begin Message ---
On Sat, May 17, 2008 at 11:48:20PM +0100, Graham Cobb wrote:
> It turns out that this was my problem. sshd has never executed my .profile
Indeed. The shell only reads .profile for login shells, and sshd only
starts a login shell if there's no command to execute.
> and the change in behaviour was because I made another change (while busy
> generating new keys) and accidentally removed my .ssh/environment file.
>
> Sorry for the bad bug report.
Thanks for following up. Closing.
Regards,
--
Colin Watson [cjwatson@debian.org]
--- End Message ---
Reply to: