[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#932089: openssh-server: Cannot log into openssh-server on buster/mipsel

On 2019-07-14 at 23:23:35, Colin Watson wrote:
> Judging from this, the crash (or is it a hang?  I'm assuming a crash) is
> near the start of ensure_minimum_time_since, probably inside
> monotime_ts.  I suspect there's something wrong with the seccomp
> sandboxing of the privileged monitor process on mipsel.

Yes, I also think it's a crash. It doesn't hang at all.

> Could you try installing the auditd package, and then running this
> before starting sshd:
>   auditctl -a exit,always -F uid="$(id -u sshd)"

auditd fails to start after installation (and restart doesn't help):

  $ systemctl status auditd
  ● auditd.service - Security Auditing Service
     Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2019-07-15 05:03:21 UTC; 3min 8s ago
       Docs: man:auditd(8)
    Process: 6841 ExecStart=/sbin/auditd (code=exited, status=1/FAILURE)
  Jul 15 05:03:21 gnubee-n1.gnubee systemd[1]: Starting Security Auditing Service...
  Jul 15 05:03:21 gnubee-n1.gnubee systemd[1]: auditd.service: Control process exited, code=exited, status=1/FAILURE
  Jul 15 05:03:21 gnubee-n1.gnubee systemd[1]: auditd.service: Failed with result 'exit-code'.
  Jul 15 05:03:21 gnubee-n1.gnubee systemd[1]: Failed to start Security Auditing Service.
  $ auditctl -a exit,always -F uid="$(id -u sshd)"
  Error - audit support not in kernel
  Cannot open netlink audit socket

Looks like I might be missing some kernel features. Perhaps sandboxing in
openssh also relies on something that's not compiled in either? Is there an
easy way to check?

By the way, this machine is sadly not using a Debian kernel. It's using
librecmc-ramips-mt7621-gb-pc1-squashfs-sysupgrade_2017-11-28.bin from

  $ uname -a
  Linux gnubee-n1.gnubee 4.4.87-gnu #0 SMP Wed Nov 22 13:06:13 2017 mips GNU/Linux



Reply to: