On Mon, Nov 2, 2009 at 09:48, Vesa Kaihlavirta <vpkaihla@xxxxxxxxx> wrote: > Hey, > > I made a screwup on the openntpd package which nastily reveals a > weakness in openssh and filesystems. I moved away from using > /var/empty/ as a privsep directory, and removed the directory from the > package. But since it's empty, it got removed from the system as well > in the upgrade. > > So if you're using openntpd and openssh, BE EXTRA CAREFUL with your > next upgrade. openssh does not start if /var/empty/ is not there. > > Quick fix: after doing pacman -Suy, do mkdir /var/empty as root. > > Longer fix: openssh, or perhaps the filesystems package should create > /var/empty/ and put a hidden file in it so idiots like me won't cause > accidents in the future. Correction: the latest openssh package (3.5p1-2) works around missing /var/empty by creating it in rc.d daemon. P.S.: I'm not sure putting a hidden file in /var/empty is not against it's purpose (which I suppose is "to be empty"). We are discussing ways to eliminate the problem completely. -- Roman Kyrylych (Роман Кирилич)
