IBM Support

SE66199 - SC1-SSH-UNPRED SSHD_CONFIG - 'USEPRIVILEGESEPARATION SANDBOX'
AFTER RSTLICPGM

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 APAR (Authorized Program Analysis Report)

Abstract

SC1-SSH-UNPRED SSHD_CONFIG - 'USEPRIVILEGESEPARATION SANDBOX'
AFTER RSTLICPGM

Error Description

When performing a SAVLICPGM/RSTLICPGM the default              
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/sshd_confi
g is restored instead the one from the system where the        
SAVLICPGM was performed. Because the default contain            
'UsePrivilegeSeparation sandbox' the SSH server would not start.

Problem Summary

When performing a SAVLICPGM/RSTLICPGM the default              
/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/sshd_confi
g is restored instead the one from the system where the        
SAVLICPGM was performed. Because the default contain            
'UsePrivilegeSeparation sandbox' the SSH server would not start.

Problem Conclusion

In a recent PTF, the OpenSSH version was updated and the        
upstream sshd_config was included unmodified. The sshd_config  
has been fixed to specify UsePrivilegeSeparation no instead of  
sandbox.                                                        

Temporary Fix

Comments

Circumvention


Copy                                                            

/QOpenSys/QIBM/UserData/SC1/OpenSSH/openssh-4.7p1/etc/sshd_confi
g or /QOpenSys/QIBM/UserData/SC1/OpenSSH/etc/sshd_config from  
another system after doing the RSTLICPGM or manually change the
value of UsePrivilegeSeparation from "sandbox" to "no".        

PTFs Available

R710 SI63212 PTF Cover Letter   7192
R720 SI63211 PTF Cover Letter   7068

Affected Modules

         
         

Affected Publications

Summary Information

Status............................................ CLOSED PER
HIPER........................................... No
Component.................................. 5733SC100
Failing Module.......................... RCHMGR
Reported Release................... R710
Duplicate Of..............................




System i Support

IBM disclaims all warranties, whether express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. By furnishing this document, IBM grants no licenses to any related patents or copyrights. Copyright © 1996,1997,1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 IBM Corporation. Any trademarks and product or brand names referenced in this document are the property of their respective owners. Consult the Terms of use link for trademark information

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.2.0"},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG15Q","label":"APARs - OS\/400 General"},"Component":"","ARM Category":[],"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"V7R1M0;V7R2M0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
28 July 2017