184247 – sshd closes connections if audit is not supported by the kernel

Bug 184247 - sshd closes connections if audit is not supported by the kernel

Summary: sshd closes connections if audit is not supported by the kernel

Keywords:
Status:	CLOSED DUPLICATE of bug 183243
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	openssh
Sub Component:
Version:	5
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Tomas Mraz
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-03-07 18:02 UTC by Max Krasnyansky
Modified:	2007-11-30 22:11 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-03-07 21:06:34 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Max Krasnyansky 2006-03-07 18:02:22 UTC

Latest sshd (in openssh) is closing connections (ie refusing logins) right after
authentication (even if auth is successeful) if audit is not supported by the
kernel. 
It's supposed to check whether audit is supported and if it is let the login go
through. But current check is wrong. It only checks if socket creation failed. 
The patch basically looks like this

 --- openssh-4.3p2/loginrec.c    2006-03-07 10:02:29.000000000 -0800
+++ openssh-4.3p2.good/loginrec.c       2006-03-07 09:24:57.000000000 -0800
@@ -1404,6 +1404,14 @@
                else
                        return 0; /* Must prevent login */
        }
+
+       rc = audit_request_status(audit_fd);
+       if (rc < 0) {
+               if (errno == ECONNREFUSED)
+                       return 1; /* No audit support in kernel */
+               return 0; /* Must prevent login */
+       }
+

Comment 1 Tomas Mraz 2006-03-07 21:06:34 UTC


*** This bug has been marked as a duplicate of 183243 ***

Note You need to log in before you can comment on or make changes to this bug.