Bug#932089: openssh-server: Cannot log into openssh-server on buster/mipsel
On 2019-07-14 at 23:23:35, Colin Watson wrote:
> Judging from this, the crash (or is it a hang? I'm assuming a crash) is
> near the start of ensure_minimum_time_since, probably inside
> monotime_ts. I suspect there's something wrong with the seccomp
> sandboxing of the privileged monitor process on mipsel.
Yes, I also think it's a crash. It doesn't hang at all.
> Could you try installing the auditd package, and then running this
> before starting sshd:
> auditctl -a exit,always -F uid="$(id -u sshd)"
auditd fails to start after installation (and restart doesn't help):
$ systemctl status auditd
● auditd.service - Security Auditing Service
Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2019-07-15 05:03:21 UTC; 3min 8s ago
Process: 6841 ExecStart=/sbin/auditd (code=exited, status=1/FAILURE)
Jul 15 05:03:21 gnubee-n1.gnubee systemd: Starting Security Auditing Service...
Jul 15 05:03:21 gnubee-n1.gnubee systemd: auditd.service: Control process exited, code=exited, status=1/FAILURE
Jul 15 05:03:21 gnubee-n1.gnubee systemd: auditd.service: Failed with result 'exit-code'.
Jul 15 05:03:21 gnubee-n1.gnubee systemd: Failed to start Security Auditing Service.
$ auditctl -a exit,always -F uid="$(id -u sshd)"
Error - audit support not in kernel
Cannot open netlink audit socket
Looks like I might be missing some kernel features. Perhaps sandboxing in
openssh also relies on something that's not compiled in either? Is there an
easy way to check?
By the way, this machine is sadly not using a Debian kernel. It's using
$ uname -a
Linux gnubee-n1.gnubee 4.4.87-gnu #0 SMP Wed Nov 22 13:06:13 2017 mips GNU/Linux