grsecurity forums


https://forums.grsecurity.net./

sshd can't set controlling tty - Perm. denied [SOLVED]

https://forums.grsecurity.net./viewtopic.php?f=3&t=1117

Page 1 of 1

sshd can't set controlling tty - Perm. denied [SOLVED]

PostPosted: Fri Mar 04, 2005 2:43 pm
by petlab
I am getting this error in my logs:
Code: Select all
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty1 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty4 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:19215] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty2 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty3 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:14067] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:3329] uid/euid:0/0 gid/egid:$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty6 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty5 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:29118] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:19335] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:25226] uid/euid:0/0 gid/egid$
Mar  4 10:17:58 [kernel] grsec: From 65.102.39.167: exec of /usr/sbin/sshd (/usr/sbin/sshd -R ) b$
Mar  4 10:17:58 [kernel] grsec: From 65.102.39.167: chdir to / by /usr/sbin/sshd[sshd:11663] uid/$
Mar  4 10:17:58 [kernel] grsec: From 65.102.39.167: chdir to /var/empty by /usr/sbin/sshd[sshd:32$
Mar  4 10:18:04 [sshd] Accepted keyboard-interactive/pam for ykill from 65.102.39.167 port 1178 s$
Mar  4 10:18:04 [sshd(pam_unix)] session opened for user ykill by (uid=0)
Mar  4 10:18:05 [sshd] error: open /dev/tty failed - could not set controlling tty: Permission de$
Mar  4 10:18:


gradm is not enabled. I am using PaX also. Sure, I can log in, and there "isn't really a problem" but I would like to know why it can't set the tty, or what I have done wrong. I'm using gentoo.

[EDIT]
I have read at the OpenSSH site that my /dev/tty should have mode 0666, but mine is actually 0660. How does that impact security tho? Thanks!

PostPosted: Sat Mar 12, 2005 12:13 am
by petlab
<whine>
Since about March 4, I have had to answer all my own posts, (4) one on grsecurity.net and three on gentoo.org.
</whine>

Apparently, everyone is out enjoyng the weather. If I find a definitive answer to this post, I will _consider_ putting it up here.

:evil:

PostPosted: Sun Mar 13, 2005 4:42 am
by cmouse
Try giving sshd access to /dev/tty with modes rw in your ACL?

if OpenSSH site says you should give 0666 to /dev/tty I spose you should do as they say?

PostPosted: Mon Mar 14, 2005 1:32 pm
by petlab
thank you cmouse, I really appreciate the reply.

I am trying that... will come back with an answer.

PostPosted: Wed Mar 30, 2005 2:39 pm
by petlab
The ACL is already rw for default, AND for sshd. Hmm. :evil:

I did change the perms to 0666, and the error went away. :)

Thanks for at your help, cmouse. :D
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/