Subscribe to this APAR
By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.
APAR (Authorized Program Analysis Report) |
Abstract
SC1-SSH-UNPRED SSHD_CONFIG - 'USEPRIVILEGESEPARATION SANDBOX'
AFTER RSTLICPGM
Error Description
When performing a SAVLICPGM/RSTLICPGM the default
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/sshd_confi
g is restored instead the one from the system where the
SAVLICPGM was performed. Because the default contain
'UsePrivilegeSeparation sandbox' the SSH server would not start.
Problem Summary
When performing a SAVLICPGM/RSTLICPGM the default
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/sshd_confi
g is restored instead the one from the system where the
SAVLICPGM was performed. Because the default contain
'UsePrivilegeSeparation sandbox' the SSH server would not start.
Problem Conclusion
In a recent PTF, the OpenSSH version was updated and the
upstream sshd_config was included unmodified. The sshd_config
has been fixed to specify UsePrivilegeSeparation no instead of
sandbox.
Temporary Fix
Comments
Circumvention
Copy
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/sshd_confi
g or /QOpenSys/QIBM/UserData/SC1/OpenSSH/etc/sshd_config from
another system after doing the RSTLICPGM or manually change the
value of UsePrivilegeSeparation from "sandbox" to "no".
PTFs Available
R710 SI63212 7192
R720 SI63211 7068
Affected Modules
Affected Publications
Summary Information
Status............................................ | CLOSED PER |
HIPER........................................... | No |
Component.................................. | 5733SC100 |
Failing Module.......................... | RCHMGR |
Reported Release................... | R710 |
Duplicate Of.............................. |
System i Support
IBM disclaims all warranties, whether express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. By furnishing this document, IBM grants no licenses to any related patents or copyrights. Copyright © 1996,1997,1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 IBM Corporation. Any trademarks and product or brand names referenced in this document are the property of their respective owners. Consult the Terms of use link for trademark information
Document Information
Modified date:
28 July 2017