Version-Release number of selected component (if applicable): openssh-clients-5.5p1-18.fc14.x86_64 How reproducible: 100% Steps to Reproduce: $ mock -v -r fedora-14-x86_64 --init $ mock -v -r fedora-14-x86_64 --install openssh-clients # chroot /var/lib/mock/fedora-14-x86_64/root # ssh localhost Actual results: Segmentation fault (core dumped) Additional info: # gdb -q --args ssh localhost (gdb) break matchpathcon Breakpoint 1 at 0x90a0 (gdb) run Breakpoint 1, matchpathcon (name=0x7fffffffcea0 "/root/.ssh", mode=448, con=0x7fffffffc7b8) at matchpathcon.c:316 316 { (gdb) finish Run till exit from #0 matchpathcon (name=0x7fffffffcea0 "/root/.ssh", mode=448, con=0x7fffffffc7b8) at matchpathcon.c:316 main (ac=<value optimized out>, av=<value optimized out>) at ssh.c:829 829 setfscreatecon(scon); Value returned is $1 = -1 (gdb) list 824 strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); 825 if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { 826 char *scon; 827 828 matchpathcon(buf, 0700, &scon); 829 setfscreatecon(scon); 830 if (mkdir(buf, 0700) < 0) 831 error("Could not create directory '%.200s'.", buf); 832 setfscreatecon(NULL); 833 } (gdb) print scon $2 = 0x500000001 <Address 0x500000001 out of bounds> (gdb) next Program received signal SIGSEGV, Segmentation fault. 0x00007ffff5896982 in __strlen_sse2 () from /lib64/libc.so.6 (gdb) bt #0 0x00007ffff5896982 in __strlen_sse2 () from /lib64/libc.so.6 #1 0x00007ffff5896696 in strdup () from /lib64/libc.so.6 #2 0x00007ffff796dd28 in selinux_trans_to_raw_context (trans=0x500000001 <Address 0x500000001 out of bounds>, rawp=0x7fffffffc6a8) at setrans_client.c:259 #3 0x00007ffff796c4a0 in setprocattrcon (context=<value optimized out>, attr=0x7ffff7970996 "fscreate", pid=0) at procattr.c:135 #4 0x00007ffff7fa8731 in main (ac=<value optimized out>, av=<value optimized out>) at ssh.c:829
temporarily repaired in Rawhide's openssh-5.6p1-4 can you test it please?
Works for me. Thanks!
can you test openssh-5.6p1-5 also?
still working...
thx, do you want it as update of f14?
It'd be certainly appreciated as the bug weakens curl's test-suite: http://kojipkgs.fedoraproject.org/packages/curl/7.21.0/5.fc14/data/logs/x86_64/build.log ... but if the update was a problem, we could add BuildRequire for selinux-policy-targeted as a workaround, as we already did in rawhide curl.
be my guest, and test!
There seems to be a typo in openssh.spec: diff --git a/openssh.spec b/openssh.spec index 8eca6ab..dcd4280 100644 --- a/openssh.spec +++ b/openssh.spec @@ -326,7 +326,7 @@ CFLAGS="$CFLAGS -fpic" %endif export CFLAGS SAVE_LDFLAGS="$LDFLAGS" -LDFLAGS="$LDFLAGS -pie z relro -z now"; export LDFLAGS +LDFLAGS="$LDFLAGS -pie -z relro -z now"; export LDFLAGS %endif %if %{kerberos5} if test -r /etc/profile.d/krb5-devel.sh ; then
openssh-5.5p1-20.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/openssh-5.5p1-20.fc14
openssh-5.5p1-20.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report.
(In reply to comment #8) > There seems to be a typo in openssh.spec: > > diff --git a/openssh.spec b/openssh.spec > index 8eca6ab..dcd4280 100644 > --- a/openssh.spec > +++ b/openssh.spec > @@ -326,7 +326,7 @@ CFLAGS="$CFLAGS -fpic" > %endif > export CFLAGS > SAVE_LDFLAGS="$LDFLAGS" > -LDFLAGS="$LDFLAGS -pie z relro -z now"; export LDFLAGS > +LDFLAGS="$LDFLAGS -pie -z relro -z now"; export LDFLAGS > %endif > %if %{kerberos5} > if test -r /etc/profile.d/krb5-devel.sh ; then this is reparation of the typo
I did a scratch build of curl-7.21.0-5.fc14 against openssh-5.5p1-20.fc14 from stable and SCP/SFTP tests ran successfully on both i686 and x86_64: http://koji.fedoraproject.org/koji/taskinfo?taskID=2466279