JanusPaul |
08-12-2006 11:38 AM |
strace output
Quote:
Originally Posted by osor
Does the sshd binary exist? Is it executable? What happens when you do `strace -f -F /path/to/sshd' (note, sshd requires the full path be given).
|
Code:
strace -f -F /usr/sbin/sshd
execve("/usr/sbin/sshd", ["/usr/sbin/sshd"], [/* 44 vars */]) = 0
uname({sys="Linux", node="debian", ...}) = 0
brk(0) = 0x8093000
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40017000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=15625, ...}) = 0
old_mmap(NULL, 15625, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40018000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/libwrap.so.0", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320!\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=28880, ...}) = 0
old_mmap(NULL, 33924, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4001c000
old_mmap(0x40023000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x6000) = 0x40023000
old_mmap(0x40024000, 1156, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40024000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/libpam.so.0", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\25\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=30360, ...}) = 0
old_mmap(NULL, 29324, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40025000
old_mmap(0x4002c000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x7000) = 0x4002c000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libdl.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\32"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=9872, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4002d000
old_mmap(NULL, 8632, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4002e000
old_mmap(0x40030000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x2000) = 0x40030000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libresolv.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220)\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=64924, ...}) = 0
old_mmap(NULL, 73640, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40031000
old_mmap(0x40040000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xf000) = 0x40040000
old_mmap(0x40041000, 8104, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40041000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib/i686/cmov/libcrypto.so.0.9.7", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\300\2"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=1029672, ...}) = 0
old_mmap(NULL, 1043608, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40043000
old_mmap(0x4012d000, 73728, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xea000) = 0x4012d000
old_mmap(0x4013f000, 11416, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4013f000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libutil.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\16\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=7828, ...}) = 0
old_mmap(NULL, 10652, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40142000
old_mmap(0x40144000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x1000) = 0x40144000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/usr/lib/libz.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\27"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=67468, ...}) = 0
old_mmap(NULL, 70528, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40145000
old_mmap(0x40156000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x10000) = 0x40156000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnsl.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 <\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=73304, ...}) = 0
old_mmap(NULL, 80544, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40157000
old_mmap(0x40168000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x11000) = 0x40168000
old_mmap(0x40169000, 6816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40169000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libcrypt.so.1", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\t\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=18876, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4016b000
old_mmap(NULL, 181692, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4016c000
old_mmap(0x40171000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x4000) = 0x40171000
old_mmap(0x40172000, 157116, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40172000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libpthread.so.0", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0pF\0\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=78233, ...}) = 0
old_mmap(NULL, 60772, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40199000
old_mmap(0x401a5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xc000) = 0x401a5000
old_mmap(0x401a6000, 7524, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x401a6000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`Z\1\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1254660, ...}) = 0
old_mmap(NULL, 1264972, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x401a8000
old_mmap(0x402d2000, 36864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x129000) = 0x402d2000
old_mmap(0x402db000, 7500, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x402db000
close(3) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x402dd000
set_thread_area({entry_number:-1 -> 6, base_addr:0x402dd460, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0x40018000, 15625) = 0
set_tid_address(0x402dd4a8) = 7703
rt_sigaction(SIGRTMIN, {0x4019d5d0, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
brk(0) = 0x8093000
brk(0x80b4000) = 0x80b4000
brk(0) = 0x80b4000
geteuid32() = 0
setgroups32(0, []) = 0
getpid() = 7703
getpid() = 7703
open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 3
select(4, [3], NULL, NULL, {0, 10000}) = 1 (in [3], left {0, 10000})
read(3, "\242B3:@(\2\252\347xS\237\264\332\311\317\334Th\321N\4"..., 32) = 32
close(3) = 0
getpid() = 7703
getpid() = 7703
getuid32() = 0
getpid() = 7703
time(NULL) = 1155400603
getpid() = 7703
open("/etc/ssh/sshd_config", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1797, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(3, "# Package generated configuratio"..., 4096) = 1797
getuid32() = 0
getuid32() = 0
read(3, "", 4096) = 0
close(3) = 0
munmap(0x40018000, 4096) = 0
open("/etc/ssh/ssh_host_rsa_key", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0600, st_size=883, ...}) = 0
getuid32() = 0
fstat64(3, {st_mode=S_IFREG|0600, st_size=883, ...}) = 0
read(3, "-----BEGIN RSA PRIVATE KEY-----\n"..., 883) = 883
_llseek(3, 0, [0], SEEK_SET) = 0
fcntl64(3, F_GETFL) = 0x8000 (flags O_RDONLY|O_LARGEFILE)
fstat64(3, {st_mode=S_IFREG|0600, st_size=883, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
_llseek(3, 0, [0], SEEK_CUR) = 0
read(3, "-----BEGIN RSA PRIVATE KEY-----\n"..., 4096) = 883
getpid() = 7703
time([1155400603]) = 1155400603
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
getpid() = 7703
close(3) = 0
munmap(0x40018000, 4096) = 0
open("/etc/ssh/ssh_host_dsa_key", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0600, st_size=668, ...}) = 0
getuid32() = 0
fstat64(3, {st_mode=S_IFREG|0600, st_size=668, ...}) = 0
read(3, "-----BEGIN DSA PRIVATE KEY-----\n"..., 668) = 668
_llseek(3, 0, [0], SEEK_SET) = 0
fcntl64(3, F_GETFL) = 0x8000 (flags O_RDONLY|O_LARGEFILE)
fstat64(3, {st_mode=S_IFREG|0600, st_size=668, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
_llseek(3, 0, [0], SEEK_CUR) = 0
read(3, "-----BEGIN DSA PRIVATE KEY-----\n"..., 4096) = 668
close(3) = 0
munmap(0x40018000, 4096) = 0
socket(PF_FILE, SOCK_STREAM, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory)
close(3) = 0
open("/etc/nsswitch.conf", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=465, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 465
read(3, "", 4096) = 0
close(3) = 0
munmap(0x40018000, 4096) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=15625, ...}) = 0
old_mmap(NULL, 15625, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40018000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_compat.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\22\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=28616, ...}) = 0
old_mmap(NULL, 31628, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x402de000
old_mmap(0x402e5000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x6000) = 0x402e5000
close(3) = 0
munmap(0x40018000, 15625) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=15625, ...}) = 0
old_mmap(NULL, 15625, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40018000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_nis.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\34\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=33440, ...}) = 0
old_mmap(NULL, 36620, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x402e6000
old_mmap(0x402ee000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x7000) = 0x402ee000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/tls/libnss_files.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\35"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0644, st_size=34748, ...}) = 0
old_mmap(NULL, 38044, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x402ef000
old_mmap(0x402f8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x8000) = 0x402f8000
close(3) = 0
munmap(0x40018000, 15625) = 0
open("/etc/passwd", O_RDONLY) = 3
fcntl64(3, F_GETFD) = 0
fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
_llseek(3, 0, [0], SEEK_CUR) = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=1108, ...}) = 0
mmap2(NULL, 1108, PROT_READ, MAP_SHARED, 3, 0) = 0x40018000
_llseek(3, 1108, [1108], SEEK_SET) = 0
munmap(0x40018000, 1108) = 0
close(3) = 0
stat64("/var/run/sshd", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
setgroups32(0, []) = 0
clone(Process 7704 attached
child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x402dd4a8) = 7704
[pid 7703] exit_group(0) = ?
[pid 7704] setsid() = 7704
chdir("/") = 0
open("/dev/null", O_RDWR) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
close(3) = 0
time([1155400603]) = 1155400603
open("/etc/localtime", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=1279, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(3, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\5\0\0\0\5\0"..., 4096) = 1279
close(3) = 0
munmap(0x40018000, 4096) = 0
getpid() = 7704
rt_sigaction(SIGPIPE, {0x4027ca70, [], 0}, {SIG_DFL}, 8) = 0
socket(PF_FILE, SOCK_DGRAM, 0) = 3
fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sa_family=AF_FILE, path="/dev/log"}, 16) = 0
send(3, "<34>Aug 12 11:36:43 sshd[7704]: "..., 63, 0) = 63
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
close(3) = 0
exit_group(255) = ?
Process 7704 detached
I have no idea how to read that and make any sense of it. But I have run 'apt-get install ssh'. In an earlier post I mentioned installing it from different mirrors and I get the same effect.
|