grsecurity forums

[petlab]

I am getting this error in my logs:

Code: Select all

Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty1 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty4 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:19215] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty2 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty3 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:14067] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:3329] uid/euid:0/0 gid/egid:$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty6 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: exec of /sbin/agetty (/sbin/agetty 38400 tty5 linux ) by /sbin/in$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:29118] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:19335] uid/euid:0/0 gid/egid$
Mar  4 10:12:06 [kernel] grsec: chdir to /dev by /sbin/agetty[agetty:25226] uid/euid:0/0 gid/egid$
Mar  4 10:17:58 [kernel] grsec: From 65.102.39.167: exec of /usr/sbin/sshd (/usr/sbin/sshd -R ) b$
Mar  4 10:17:58 [kernel] grsec: From 65.102.39.167: chdir to / by /usr/sbin/sshd[sshd:11663] uid/$
Mar  4 10:17:58 [kernel] grsec: From 65.102.39.167: chdir to /var/empty by /usr/sbin/sshd[sshd:32$
Mar  4 10:18:04 [sshd] Accepted keyboard-interactive/pam for ykill from 65.102.39.167 port 1178 s$
Mar  4 10:18:04 [sshd(pam_unix)] session opened for user ykill by (uid=0)
Mar  4 10:18:05 [sshd] error: open /dev/tty failed - could not set controlling tty: Permission de$
Mar  4 10:18:

gradm is not enabled. I am using PaX also. Sure, I can log in, and there "isn't really a problem" but I would like to know why it can't set the tty, or what I have done wrong. I'm using gentoo.

[EDIT]
I have read at the OpenSSH site that my /dev/tty should have mode 0666, but mine is actually 0660. How does that impact security tho? Thanks!

[petlab]

<whine>
Since about March 4, I have had to answer all my own posts, (4) one on grsecurity.net and three on gentoo.org.
</whine>

Apparently, everyone is out enjoyng the weather. If I find a definitive answer to this post, I will _consider_ putting it up here.

[cmouse]

Try giving sshd access to /dev/tty with modes rw in your ACL?

if OpenSSH site says you should give 0666 to /dev/tty I spose you should do as they say?

[petlab]

thank you cmouse, I really appreciate the reply.

I am trying that... will come back with an answer.

[petlab]

The ACL is already rw for default, AND for sshd. Hmm.

I did change the perms to 0666, and the error went away.

Thanks for at your help, cmouse.