[Bug 218254] New: problems in chrooted environment
https://bugzilla.novell.com/show_bug.cgi?id=218254 Summary: problems in chrooted environment Product: SUSE LINUX 10.0 Version: Final Platform: S/390-64 OS/Version: SuSE Linux 10.0 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: marosg@yahoo.com QAContact: qa@suse.de I found two problems when in chrooted env. 1. In YAST, LDAP client, when I click Fetch DN it says LDAP server cannot be connected. When I leave chroot and do the same, LDAP is connected and info retrieved 2. in chroot I was not able to do scp, I got 'PRNG is not seeded'. When left chroot, it worked. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO Info Provider| |marosg@yahoo.com ------- Comment #1 from mhorvath@novell.com 2006-11-09 05:11 MST ------- Please, could you attach the YaST and scpm log files? scpm: /var/log/scpm yast: http://en.opensuse.org/Bugs/YaST -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 ------- Comment #2 from marosg@yahoo.com 2006-11-09 07:06 MST ------- Created an attachment (id=104478) --> (https://bugzilla.novell.com/attachment.cgi?id=104478&action=view) scpm from chrooted env Look at dates, there is nothing from today when I recreated the problem -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 ------- Comment #3 from marosg@yahoo.com 2006-11-09 07:07 MST ------- Created an attachment (id=104479) --> (https://bugzilla.novell.com/attachment.cgi?id=104479&action=view) YAST logs as from save_y2logs /tmp/y2logs.tgz -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 ------- Comment #4 from marosg@yahoo.com 2006-11-09 07:13 MST ------- lat130:~ # chroot /sles10master/ lat130:/# scp 129.40.178.121:/etc/fstab /tmp PRNG is not seeded lat130:/# exit lat130:~ # scp 129.40.178.121:/etc/fstab /tmp fstab 100% 553 0.5KB/s 00:00 then tried LDAP Client Fetch DN then lat130:~ # date Thu Nov 9 09:02:56 EST 2006 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 marosg@yahoo.com changed: What |Removed |Added ---------------------------------------------------------------------------- OS/Version|SuSE Linux 10.0 |SLES 10 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 marosg@yahoo.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Info Provider|marosg@yahoo.com | ------- Comment #5 from marosg@yahoo.com 2006-11-10 11:00 MST ------- files provided -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 marosg@yahoo.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO Info Provider| |marosg@yahoo.com -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 marosg@yahoo.com changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|Normal |Major Priority|P5 - None |P2 - High -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P2 - High |P5 - None -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|anicka@novell.com |jsuchome@novell.com Status|NEEDINFO |NEW Info Provider|mhorvath@novell.com | ------- Comment #10 from mhorvath@novell.com 2006-11-23 06:07 MST ------- We've discussed this bug, sorry for the delay. The problem with scp is not a bug in fact, there's a problem with ssh (scp uses ssh) configuration, where you probably don't have rights to read/write to /dev/urandom. This manual might be useful http://www.debian.org/doc/manuals/securing-debian-howto/ap-chroot-ssh-env.en..., chapter 'G.2 Chrooting the ssh server' . Also I'm going to reassign the first problem to the yast ldap-client maintainer. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 jsuchome@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |INVALID ------- Comment #13 from jsuchome@novell.com 2006-11-23 08:08 MST ------- The problem of LDAP initialization with SSL/TLS enabled is the same as with ssh. Closing the bug as invalid. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|jsuchome@novell.com |rhafer@novell.com Status|REOPENED |NEW -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 mhorvath@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Comment #17 from mhorvath@novell.com 2006-11-24 08:48 MST ------- According to Ralf's and Anna's comments, I'm going to close this bug as invalid. --------------------- Ralf wrote: "ldapsearch with SSL/TLS does not work if /dev/random or /dev/urandom are not available in the chroot environment. Not even on SLES9. To make it work, either just create the required device-nodes (hint: mknod) in the chroot directory or turn off SSL/TLS. I can't comment on ssh (its not my package) but I guess the same is true for that. I'll reassign to our openssh maintainer for commenting. But in my view this bug is still invalid." ---------------------------- Anna wrote: "Agreed, ssh cannot work without /dev/urandom. I propose to close as invalid." -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=218254 User ihno@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=218254#c18 Ihno Krumreich <ihno@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ihno@novell.com Status|RESOLVED |CLOSED --- Comment #18 from Ihno Krumreich <ihno@novell.com> 2008-04-08 04:22:26 MST --- Closed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com