Bug 661394 - update of openssh breaks build of curl and libssh2
update of openssh breaks build of curl and libssh2
Status: CLOSED DUPLICATE of bug 661666
Product: Fedora
Classification: Fedora
Component: openssh (Show other bugs)
rawhide
Unspecified Unspecified
low Severity high
: ---
: ---
Assigned To: Jan F. Chadima
Fedora Extras Quality Assurance
:
Depends On: 661666
Blocks: 660963
  Show dependency treegraph
 
Reported: 2010-12-08 13:06 EST by Kamil Dudka
Modified: 2010-12-09 06:25 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-12-09 06:25:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
a reproducer (388 bytes, text/plain)
2010-12-08 13:08 EST, Kamil Dudka
no flags Details

  None (edit)
Description Kamil Dudka 2010-12-08 13:06:06 EST
Version-Release number of selected component (if applicable):
openssh-5.6p1-20.fc15


How reproducible:
100%


Steps to Reproduce:
1. mock -v -r fedora-devel-x86_64 --init
2. mock -v -r fedora-devel-x86_64 --install openssh-server
3. mock -v -r fedora-devel-x86_64 --install openssh-clients
4. chroot /var/lib/mock/fedora-rawhide-x86_64/root
5. su - mockbuild
6. run the attached script

  
Actual results:
debug1: kex: client->server aes128-ctr hmac-md5 none
debug3: mm_request_send entering: type 76
debug3: mm_request_receive_expect entering: type 77
debug3: mm_request_receive entering
debug3: monitor_read: checking request 76
cannot write into audit
debug1: do_cleanup
debug1: audit_event: unhandled event 12
debug1: do_cleanup
Read from socket failed: Connection reset by peer


Expected results:
client connects


Additional info:
will follow
Comment 1 Kamil Dudka 2010-12-08 13:08:57 EST
Created attachment 467540 [details]
a reproducer
Comment 2 Kamil Dudka 2010-12-08 13:13:42 EST
This helps to work around the breakage:

$ printf "int audit_log_acct_message() { return 0; }\n" \
    | gcc -xc - -fPIC -shared -o bz661394.so

$ export LD_PRELOAD=`readlink -f bz661394.so`
Comment 3 Kamil Dudka 2010-12-08 13:54:42 EST
Here is caught what happens in libaudit:

Breakpoint 3, check_ack (fd=4, seq=1) at netlink.c:253
253     {

(gdb) bt
#0  check_ack (fd=4, seq=1) at netlink.c:285
#1  audit_send (fd=4, type=2407, data=0x7fffdfb046b0, size=183) at netlink.c:236
#2  audit_send_user_message (fd=4, type=2407, hide_error=REAL_ERR, 
    message=0x7fffdfb046b0 "op=start direction=from-client cipher=aes128-ctr, ksize=128 rport=44557 laddr=127.0.0.1 lport=8999 id=4294967295 exe=\"/usr/sbin/sshd\" hostname=? addr=127.0.0.1 terminal=? res=success") at deprecated.c:47
#3  audit_log_acct_message (audit_fd=4, type=2407, pgname=0x7fffdfb069c0 "\"/usr/sbin/sshd\"", 
    op=0x7fffdfb08ac0 "start direction=from-client cipher=aes128-ctr, ksize=128 rport=44557 laddr=127.0.0.1 lport=8999", name=0x0, 
    id=4294967295, host=0x0, addr=0x7faaaf6d9df0 "127.0.0.1", tty=0x0, result=1) at audit_logging.c:440
#4  audit_kex_body (...) at audit-linux.c:195
#5  kex_choose_conf (...) at kex.c:449
#6  kex_kexinit_finish (...) at kex.c:252
#7  kex_input_kexinit (...) at kex.c:226
#8  dispatch_run (mode=0, done=0x7faaaf6d81d0, ctxt=0x7faaaf6d8160) at dispatch.c:98
#9  do_ssh2_kex (ac=<value optimized out>, av=<value optimized out>) at sshd.c:2457
#10 main (ac=<value optimized out>, av=<value optimized out>) at sshd.c:2041

(gdb) next
254             int rc, retries = 80;
(gdb)
259             pfd[0].fd = fd;
(gdb)
260             pfd[0].events = POLLIN;
(gdb)
262                     rc = poll(pfd, 1, 500); /* .5 second */
(gdb)
263             } while (rc < 0 && errno == EINTR);
(gdb)
269             rc = audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, MSG_PEEK);
(gdb)
270             if (rc == -EAGAIN && retries) {
(gdb)
273             } else if (rc < 0)
(gdb)
275             else if (rc == 0)
(gdb)
277             else if (rc > 0 && rep.type == NLMSG_ERROR) {
(gdb)
280                     (void)audit_get_reply(fd, &rep2, GET_REPLY_NONBLOCKING, 0);
(gdb)
283                     if (rep.error->error) {
(gdb)
284                             errno = -rep.error->error;
(gdb)
285                             return rep.error->error;

(gdb) print *rep.error
$3 = {
  error = -1,
  msg = {
    nlmsg_len = 200,
    nlmsg_type = 2407,
    nlmsg_flags = 5,
    nlmsg_seq = 1,
    nlmsg_pid = 0
  }
}
Comment 4 Jan F. Chadima 2010-12-08 14:03:36 EST
What is the version of audit and openssh used?
Comment 5 Kamil Dudka 2010-12-08 14:16:15 EST
audit-libs-2.0.5-1.fc15
openssh-server-5.6p1-20.fc15
Comment 6 Jan F. Chadima 2010-12-09 02:23:24 EST
Have you run auditd at that time?
Have you audit package installed also?
Comment 7 Kamil Dudka 2010-12-09 04:19:09 EST
I tried the following and it made no difference:

# yum install audit
# service auditd start

Did you try to follow my steps to reproduce?  It's pretty straightforward.  Note it does not happen if you run the script as root.  You need to be mockbuild.
Comment 8 Jan F. Chadima 2010-12-09 06:19:10 EST
Do you 
Does the auditd start?
Comment 9 Jan F. Chadima 2010-12-09 06:25:24 EST

*** This bug has been marked as a duplicate of bug 661666 ***

Note You need to log in before you can comment on or make changes to this bug.