From mboxrd@z Thu Jan 1 00:00:00 1970 From: Arne Fitzenreiter To: development@lists.ipfire.org Subject: [PATCH] OpenSSH: fix login on i?86 Date: Fri, 10 Apr 2020 21:46:29 +0200 Message-ID: <20200410194629.17220-1-arne_f@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4087633052796728146==" List-Id: --===============4087633052796728146== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable glibc calls clock_nanosleep_time64 syscall even if it not defined in the headers for this arch and the seccomp filter kills the process with because an unknown syscall. Signed-off-by: Arne Fitzenreiter --- lfs/openssh | 1 + ...SH-8.2p1_glibc-2.31_clock_nanosleep_time64.patch | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 src/patches/OpenSSH-8.2p1_glibc-2.31_clock_nanosleep_time= 64.patch diff --git a/lfs/openssh b/lfs/openssh index 68a7d63cd..2f3eda74f 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -71,6 +71,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && sed -i "s/lkrb5 -ldes/lkrb5/" configure + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/OpenSSH-8.2p1_glibc-2.= 31_clock_nanosleep_time64.patch cd $(DIR_APP) && ./configure \ --prefix=3D/usr \ --sysconfdir=3D/etc/ssh \ diff --git a/src/patches/OpenSSH-8.2p1_glibc-2.31_clock_nanosleep_time64.patc= h b/src/patches/OpenSSH-8.2p1_glibc-2.31_clock_nanosleep_time64.patch new file mode 100644 index 000000000..5199872d9 --- /dev/null +++ b/src/patches/OpenSSH-8.2p1_glibc-2.31_clock_nanosleep_time64.patch @@ -0,0 +1,13 @@ +diff -Naur openssh-8.2p1.org/sandbox-seccomp-filter.c openssh-8.2p1/sandbox-= seccomp-filter.c +--- openssh-8.2p1.org/sandbox-seccomp-filter.c 2020-04-10 18:14:56.152309584= +0200 ++++ openssh-8.2p1/sandbox-seccomp-filter.c 2020-04-10 21:05:45.827921765 +02= 00 +@@ -253,6 +253,9 @@ + #endif + #ifdef __NR_clock_nanosleep_time64 + SC_ALLOW(__NR_clock_nanosleep_time64), ++#else ++ /* on i586 glibc call syscall 407 which is not defined */ ++ SC_ALLOW(407), + #endif + #ifdef __NR_clock_gettime64 + SC_ALLOW(__NR_clock_gettime64), --=20 2.17.1 --===============4087633052796728146==--