I was involved with the issues building OpenSSH 7.2p1 to use the
Solaris sandbox, but I ended up dropping out of the discussion
due to being on the road for most of the last couple of weeks.
Anyway, the problems persist with OpenSSH 7.2p2 when building
with --with-sandbox=solaris. I found that there's an error in
openbsd-compat/port-solaris.h on line 30, because the type
priv_set_t hasn't been defined:
/opt/SUNWspro/bin/cc -m32 -xtarget=ultra -xarch=sparc -xO5 -xstrconst
-xdepend -Xa -I. -I.. -I. -I./.. -I/opt/openssl-1.0/include
-DHAVE_CONFIG_H -c arc4random.c
"../openbsd-compat/port-solaris.h", line 30: warning: old-style
declaration or incorrect type for: priv_set_t
"../openbsd-compat/port-solaris.h", line 30: syntax error before or at: *
"../openbsd-compat/port-solaris.h", line 30: warning: old-style
declaration or incorrect type for: solaris_basic_privset
cc: acomp failed for arc4random.c
*** Error code 2
make: Fatal error: Command failed for target `arc4random.o'
Current working directory /opt/src/sys/openssh/openssh-7.2p2/openbsd-compat
*** Error code 1
make: Fatal error: Command failed for target
`openbsd-compat/libopenbsd-compat.a'
The fix appears to be simple -- add #include <priv.h> to
openbsd-compat/port-solaris.h.
I've also found that to build with Solaris sandbox support, you
need to turn on Solaris privileges support with --with-solaris-privs
as well.
In very brief testing, it does appear to work.
--
Jeff Wieland | Purdue University
Network Systems Administrator | ITIS UNIX Platforms
Voice: (765)496-8234 | 155 S. Grant Street
FAX: (765)496-1380 | West Lafayette, IN 47907
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
