From nobody@FreeBSD.org  Wed Jul 31 06:18:16 2002
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EBB5537B400
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 31 Jul 2002 06:18:16 -0700 (PDT)
Received: from www.freebsd.org (www.FreeBSD.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id AF0AE43E3B
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 31 Jul 2002 06:18:16 -0700 (PDT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.4/8.12.4) with ESMTP id g6VDIGOT056015
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 31 Jul 2002 06:18:16 -0700 (PDT)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.4/8.12.4/Submit) id g6VDIGSL056014;
	Wed, 31 Jul 2002 06:18:16 -0700 (PDT)
Message-Id: <200207311318.g6VDIGSL056014@www.freebsd.org>
Date: Wed, 31 Jul 2002 06:18:16 -0700 (PDT)
From: Diomidis Spinellis <dds@aueb.gr>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Upgrade to 4.6.1-RELEASE-p3 breaks remote ssh login until the next reboot
X-Send-Pr-Version: www-1.0

>Number:         41202
>Category:       misc
>Synopsis:       Upgrade to 4.6.1-RELEASE-p3 breaks remote ssh login until the next reboot
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jul 31 06:20:01 PDT 2002
>Closed-Date:    Sat Jul 12 17:30:39 PDT 2003
>Last-Modified:  Sat Jul 12 17:30:39 PDT 2003
>Originator:     Diomidis Spinellis
>Release:        4.6.1-RELEASE-p3
>Organization:
Athens University of Economics and Business
>Environment:
>Description:
After the make installworld of a  4.6.1-RELEASE-p3 upgrade the machine will stop accepting incoming ssh connections due to loadable module mismatches:
Jul 31 15:34:58 istlab sshd[11976]: unable to dlopen(/usr/lib/pam_skey.so)
Jul 31 15:34:58 istlab sshd[11976]: [dlerror: /usr/lib/pam_skey.so: Undefined symbol "pam_set_option"]

>How-To-Repeat:
      
>Fix:
A reboot fixes this problem. It might be worthwhile to notify 
potential upgraders.  
Those performing a remote upgrade will want to keep their ssh terminal 
session open and execute a reboot after the installworld, 
otherwise they will have to get local access to the machine's console.
>Release-Note:
>Audit-Trail:

From: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx>
To: Diomidis Spinellis <dds@aueb.gr>
Cc: freebsd-gnats-submit@FreeBSD.ORG
Subject: Re: misc/41202: Upgrade to 4.6.1-RELEASE-p3 breaks remote ssh login until the next reboot
Date: Wed, 31 Jul 2002 16:58:45 +0200

 --=.dYxDWm(zshZBOq
 Content-Type: text/plain; charset=US-ASCII
 Content-Transfer-Encoding: 7bit
 
 On Wed, 31 Jul 2002 06:18:16 -0700 (PDT) Diomidis Spinellis wrote:
 
 > >Fix:
 > A reboot fixes this problem. It might be worthwhile to notify 
 > potential upgraders.  
 > Those performing a remote upgrade will want to keep their ssh terminal
 > session open and execute a reboot after the installworld, otherwise
 > they will have to get local access to the machine's console.
 
 as the handbook states in 19.4:
 
 19.4.8 Reboot into Single User Mode
 [...]
 19.4.9 Install the New System Binaries  [i.e. installworld]
 
 you should do an installworld only while running the system in single
 user mode. this way no collisions happen with network, pam, .so's or
 whatever.
 
 
 -- 
 /"\   http://corecode.ath.cx/#donate
 \ /
  \     ASCII Ribbon Campaign
 / \  Against HTML Mail and News
 
 --=.dYxDWm(zshZBOq
 Content-Type: application/pgp-signature
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.0.7 (FreeBSD)
 
 iD8DBQE9R/sor5S+dk6z85oRArpKAJ4rj9rzx/Cn9vB8xfKpi289kjFZBwCgjlEg
 rnJznNz6XcD31rlMxVW+2Dw=
 =mVzY
 -----END PGP SIGNATURE-----
 
 --=.dYxDWm(zshZBOq--
 

From: Peter Pentchev <roam@ringlet.net>
To: Simon 'corecode' Schubert <corecode@corecode.ath.cx>
Cc: bug-followup@FreeBSD.org
Subject: Re: misc/41202: Upgrade to 4.6.1-RELEASE-p3 breaks remote ssh login until the next reboot
Date: Wed, 31 Jul 2002 18:38:10 +0300

 On Wed, Jul 31, 2002 at 08:00:17AM -0700, Simon 'corecode' Schubert wrote:
 >  On Wed, 31 Jul 2002 06:18:16 -0700 (PDT) Diomidis Spinellis wrote:
 >  
 >  > >Fix:
 >  > A reboot fixes this problem. It might be worthwhile to notify 
 >  > potential upgraders.  
 >  > Those performing a remote upgrade will want to keep their ssh terminal
 >  > session open and execute a reboot after the installworld, otherwise
 >  > they will have to get local access to the machine's console.
 >  
 >  as the handbook states in 19.4:
 >  
 >  19.4.8 Reboot into Single User Mode
 >  [...]
 >  19.4.9 Install the New System Binaries  [i.e. installworld]
 >  
 >  you should do an installworld only while running the system in single
 >  user mode. this way no collisions happen with network, pam, .so's or
 >  whatever.
 
 This advice may often be disregarded, *BUT* not lightly!  One must
 always be aware of the changes made to the system between rebuilds, if
 one chooses not to install in single user mode, or not to reboot after
 the installation is complete.  The only ways I can think of to "always be
 aware" is to either track the changes via cvsweb or something similar,
 or read the src/UPDATING and similar files, *or* run the 'periodic
 security' command after the installation and take a good look at the
 differences it encounters.  Special care should be taken with programs
 that change, and especially long-running daemons that have changed, such
 as sshd, or libraries that long-running daemons use.  If such a daemon
 or a library should change during an installworld, it is almost certain
 that you have to restart the daemon to make sure that you are really
 running the latest version.
 
 I wonder if some of the information in what I just said should not go
 into the handbook..  I just might write something up and post it to -doc
 for review soonish :)
 
 If you are wondering what should be a legitimate reason not to go down
 into single-user mode, here's a hint - colocation :)
 
 G'luck,
 Peter
 
 -- 
 Peter Pentchev	roam@ringlet.net	roam@FreeBSD.org
 PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
 Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
 If wishes were fishes, the antecedent of this conditional would be true.
State-Changed-From-To: open->closed 
State-Changed-By: kris 
State-Changed-When: Sat Jul 12 17:30:15 PDT 2003 
State-Changed-Why:  
This is expected behaviour 

http://www.freebsd.org/cgi/query-pr.cgi?pr=41202 
>Unformatted:
