ssh to corp from chroot is broken |
|||||||||||||
Issue descriptionThe cros_sdk chroot's ssh version was recently updated from 6.6. to 7.2: https://chromium-review.googlesource.com/#/c/349750/ This version of ssh has a bug that breaks ssh to corp, b/29992902. Upgrade or patch the fix (see https://critique.corp.google.com/#review/129177057 for a patch).
,
Aug 4 2016
7.3p1 fails to compile for the x86_64 host. 'emerge openssh' fails on undefined reference to get_canonical_hostname (related to the GSSAPI-dns patch).
,
Aug 4 2016
that's been fixed in upstream Gentoo already. make sure to grab the latest one.
,
Aug 4 2016
I'm using this:
cros_portage_upgrade --host --upgrade --unstable-ok net-misc/openssh
Is that the right way to do this?
I get 'Copying net-misc/openssh-7.3_p1-r1 from upstream', but the 7.3_p1-r1 ebuild looks wrong:
grep GSS openssh-7.3_p1-r1.ebuild
shows:
epatch "${FILESDIR}"/${PN}-7.2_p1-GSSAPI-dns.patch #165444 integrated into gsskex
but I expected ${PN}-7.3_p1-GSSAPI-dns.patch here to match what I see at
https://github.com/gentoo/gentoo/blob/master/net-misc/openssh/openssh-7.3_p1-r1.ebuild
and the 7.3_p1-GSSAPI-dns patch is not present.
The emerge fails in the same way as before.
,
Aug 4 2016
Looks like the most recent change has not propagated to cros yet: https://chromium.googlesource.com/chromiumos/overlays/portage.git/+/gentoo/net-misc/openssh compared to https://github.com/gentoo/gentoo/tree/master/net-misc/openssh cros does not have this commit: https://github.com/gentoo/gentoo/commit/dc520c7f9c8b814fe4a8e982ec9b31611aef1ced#diff-38ff5f9c51046ded6fc824182f098d73
,
Aug 5 2016
our portage cache updates once a day, so if it's behind now, try again later ;)
,
Aug 5 2016
,
Aug 5 2016
The fix is now available in the portage cache. However, openssh 7.3p1 is still marked as unstable. What is CrOS policy on updating to unstable?
,
Aug 5 2016
we don't care. we pick whatever versions are appropriate for us. use the --unstable flag with cros_portage_upgrade.
,
Aug 9 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/portage-stable/+/f1a33c95bbf085972051cbfaca86001b543cb005 commit f1a33c95bbf085972051cbfaca86001b543cb005 Author: Laurence Goodby <lgoodby@google.com> Date: Mon Aug 08 18:55:44 2016 openssh: upgraded package to upstream Upgraded net-misc/openssh to version 7.3_p1-r1 on amd64, arm, x86 BUG= chromium:634086 TEST='emerge openssh', ssh to corp host TEST='emerge openssh-{amd64-generic,arm-generic,x86-generic}' Change-Id: I1200d146752b31399898e64332eeb6fd5f3233cd Reviewed-on: https://chromium-review.googlesource.com/366833 Commit-Ready: Laurence Goodby <lgoodby@chromium.org> Tested-by: Laurence Goodby <lgoodby@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [rename] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/net-misc/openssh/openssh-7.3_p1-r1.ebuild [add] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/net-misc/openssh/files/openssh-7.3_p1-GSSAPI-dns.patch [rename] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/net-misc/openssh/files/openssh-7.3_p1-sctp-x509-glue.patch [modify] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/net-misc/openssh/metadata.xml [delete] https://crrev.com/e4fa502eea525e2aaa8e1fc44bfabb28316c9a47/metadata/md5-cache/net-misc/openssh-6.6.1_p1-r2 [modify] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/net-misc/openssh/Manifest [add] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/metadata/md5-cache/net-misc/openssh-7.3_p1-r1 [delete] https://crrev.com/e4fa502eea525e2aaa8e1fc44bfabb28316c9a47/net-misc/openssh/files/openssh-7.2_p1-GSSAPI-dns.patch [modify] https://crrev.com/f1a33c95bbf085972051cbfaca86001b543cb005/net-misc/openssh/files/sshd.rc6.4
,
Aug 9 2016
,
Aug 29 2016
,
Oct 7 2016
,
Oct 10 2016
,
Nov 19 2016
,
Jan 21 2017
,
Mar 4 2017
,
Apr 17 2017
,
May 30 2017
,
Aug 1 2017
,
Oct 14 2017
|
|||||||||||||
►
Sign in to add a comment |
|||||||||||||
Comment 1 by vapier@chromium.org
, Aug 3 2016