OpenSSH server not working - connection closed - problem solved

Laszlo Ast ast at enternet.hu
Mon Aug 22 05:02:51 PDT 2005


Hi Dan,

Dan Nicholson wrote:

> One thing that has me a bit grumpy is with the sshd debugging.  
> Nothing in the debug output led me to believe that there was 
> difficulty looking up domain names. 


I just didn't want to give up, and I made some further experiments with 
my system until I found a solution (that seems to be a solution instead 
of being a workaround).

It turned out relatively quickly that a working DNS (at least that 
appears to work) did not help, either. (Just for the record: I 
configured dnsmasq with rp-pppoe, but dnsmasq is not part of blfs, so I 
won't go into details here unless somebody is interested.)

Stracing sshd with the follow child option showed an interesting thing 
(these are the last lines of the child strace output)::

open("/usr/lib/libnss_dns.so.2", O_RDONLY) = -1 EACCES (Permission denied)
stat64("/usr/lib", 0xbfffb8e4)          = -1 EACCES (Permission denied)
--- SIGSEGV (Segmentation fault) @ 0 (0) ---

As a further step I discovered two things:
1. This problem is only present if both UseDNS and 
UsePrivilegeSeparation are set to yes (these are the defaults).
In the latter case a chrooted child makes e.g. the DNS checks, and since 
it is supposed and enforced that this child has an empty root dir there 
is no nice way to put there e.g. an etc directory with a hosts file.
2. Apart from that, it isn't a nice thing to get a segmentation fault. 
Btw., this is why the sshd could not tell too many debug details, either.

Since the sshd child has no chance to generate a core dump I changed 
sshd to leave the child to run as root, and I set ulimit -c unlimited.

The first lines of the core backtrace show that the segmentation fault 
happens in glibc, that tries to load the libnss_dns.so library in runtime:

#0  open_path (name=0xbfffc7e0 "libnss_dns.so.2", namelen=16, 
preloaded=0, sps=0xb8000f20, realname=0xffffffff, fbp=0xbfffc288)
    at dl-load.c:1791
#1  0xb7ff1fea in _dl_map_object (loader=0xb8001508, name=0xbfffc7e0 
"libnss_dns.so.2", preloaded=0, type=2, trace_mode=0,
    mode=-1879048191, nsid=0) at dl-load.c:1961
...

This error is a consequence of the completely empty (and nonexisting) 
lib directory in the chrooted environment. This turned to be a known 
error in glibc-2.3.4, and glibc-2.3.5 already contains the fix that can 
be found here:
http://sources.redhat.com/ml/libc-hacker/2005-02/msg00005.html

Instead of upgrading to 2.3.5 I simply copied the changed lines and 
rebuilt glibc, and sshd works now with the default settings without any 
problem.
Of course, it still cannot load libnss_dns.so in runtime, but the 
resolver returns with a proper error code (instead of a segmentation 
violation), and it seems to be enough.

Laszlo



More information about the blfs-support mailing list