Problem in updating openssh-server

Kernels & Hardware, configuring network, installing services

Problem in updating openssh-server

Postby raskar » 2008-07-08 09:03

Hi everybody,
I'm trying to update openssh-server package on my debian etch.

But I Have an error in the dpkg process :
Code: Select all
After unpacking 492kB of additional disk space will be used.
Preconfiguring packages ...
(Reading database ... 32421 files and directories currently installed.)
Unpacking openssh-server (from .../openssh-server_1%3a4.3p2-9etch2_i386.deb) ...
dpkg: error processing /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch2_i386.deb (--unpack):
 unable to make backup link of `./usr/sbin/sshd' before installing new version: Operation not permitted
Errors were encountered while processing:
 /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch2_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)


I try a lot things but I always have this error.
I have remove first the package, then I'm trying to reinstall it but always this error.

can somebody help me ?
raskar
 
Posts: 1
Joined: 2008-07-08 08:59

Postby simonapnic » 2008-07-08 13:59

You should make sure you are root (uid 0).
Also, if you keep having trouble with it, you can try to build it from the source instead.
It should work that way.
Simon
simon@apnicsolutions.com
T: +44 (0)870-421-5261 / +1 989-785-0898
W: http://www.apnicservices.com Management, Admin, Total Support, Shared, VPS, Dedicated
simonapnic
 
Posts: 16
Joined: 2008-07-06 18:54

Postby plewright » 2008-09-17 14:28

tried my usual daily updates today, but almost same issue as raskar.

Any solutions - this should not require a source compile and build.

Code: Select all
# apt-get upgrade
Reading package lists... Done
Building dependency tree... Done
The following packages will be upgraded:
  openssh-client openssh-server
2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/884kB of archives.
After unpacking 0B of additional disk space will be used.
Do you want to continue [Y/n]? Y
Preconfiguring packages ...
(Reading database ... 243464 files and directories currently installed.)
Preparing to replace openssh-server 1:4.3p2-9etch2 (using .../openssh-server_1%3a4.3p2-9etch3_i386.deb) ...
Unpacking replacement openssh-server ...
dpkg: error processing /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb (--unpack):
 unable to make backup link of `./usr/sbin/sshd' before installing new version: Operation not permitted
Preparing to replace openssh-client 1:4.3p2-9etch2 (using .../openssh-client_1%3a4.3p2-9etch3_i386.deb) ...
Unpacking replacement openssh-client ...
dpkg: error processing /var/cache/apt/archives/openssh-client_1%3a4.3p2-9etch3_i386.deb (--unpack):
 unable to make backup link of `./usr/bin/ssh' before installing new version: Operation not permitted
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb
 /var/cache/apt/archives/openssh-client_1%3a4.3p2-9etch3_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
plewright
 
Posts: 4
Joined: 2008-09-17 14:06

Postby shoof » 2008-09-17 15:15

Well since 2 different people are getting the same error there is obviously an issue with certain setups.

First one of you should file a bug-report.

If you can't wait for that you can always try to force the install. This could break your system even more so use at your own risk.

dpkg -i --force-all /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb
shoof
 
Posts: 379
Joined: 2006-09-08 20:41
Location: My chair

Postby infinitycircuit » 2008-09-17 20:47

Honestly, the first two suggestions to fix this should not be: 1) compile from source, and 2) use --force-all. Both should be last resorts.

What is the output of ls -l /usr/bin/ssh*?

You can try first purging the packages and then installing them (dpkg -P openssh-{client,server} && aptitude install openssh-{client,server}).
I am currently a Debian Maintainer. I am also in the New Maintainers' Queue.
infinitycircuit
 
Posts: 1137
Joined: 2007-07-24 03:31
Location: California

Postby plewright » 2008-09-18 11:16

Code: Select all
# ls -l /usr/bin/ssh*
-rwxr-xr-x 1 root root 187460 2007-03-24 08:29 /usr/bin/ssh
-rwxr-xr-x 1 root root  80516 2008-05-15 05:07 /usr/bin/ssh-add
-rwxr-sr-x 1 root ssh   65836 2008-05-15 05:07 /usr/bin/ssh-agent
-rwxr-xr-x 1 root root   1452 2008-05-15 05:07 /usr/bin/ssh-argv0
-rwxr-xr-x 1 root root   1271 2008-05-15 05:07 /usr/bin/ssh-copy-id
-rwxr-xr-x 1 root root 105252 2008-05-15 05:07 /usr/bin/ssh-keygen
-rwxr-xr-x 1 root root 138088 2008-05-15 05:07 /usr/bin/ssh-keyscan
-rwxr-xr-x 1 root root  68516 2008-05-15 05:07 /usr/bin/ssh-vulnkey

and then
Code: Select all
# dpkg -P openssh-{client,server} && aptitude install openssh-{client ,server}
dpkg: dependency problems prevent removal of openssh-client:
 kdessh depends on openssh-client | ssh-client; however:
  Package openssh-client is to be removed.
  Package ssh-client is not installed.
  Package openssh-client which provides ssh-client is to be removed.
 kdessh depends on openssh-client | ssh-client; however:
  Package openssh-client is to be removed.
  Package ssh-client is not installed.
  Package openssh-client which provides ssh-client is to be removed.
dpkg: error processing openssh-client (--purge):
 dependency problems - not removing
(Reading database ... 243463 files and directories currently installed.)
Removing openssh-server ...
Stopping OpenBSD Secure Shell server: sshd.
dpkg - warning: while removing openssh-server, unable to remove directory `/usr/ sbin/sshd': Operation not permitted - directory may be a mount point ?
Purging configuration files for openssh-server ...
dpkg - warning: while removing openssh-server, unable to remove directory `/usr/ sbin/sshd': Operation not permitted - directory may be a mount point ?
Errors were encountered while processing:
 openssh-client


whats that kde thing?
Code: Select all
 apt-get remove kdessh


then tried again, 2 times actually.
Code: Select all
 # dpkg -P openssh-{client,server} && aptitude install openssh-{client,server}
dpkg - warning: ignoring request to remove openssh-client which isn't installed.
dpkg - warning: ignoring request to remove openssh-server which isn't installed.
Reading package lists... Done
Building dependency tree... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Reading task descriptions... Done
Building tag database... Done
The following NEW packages will be installed:
  openssh-client openssh-server
0 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 0B/884kB of archives. After unpacking 2028kB will be used.
Writing extended state information... Done
Preconfiguring packages ...
(Reading database ... 243340 files and directories currently installed.)
Unpacking openssh-client (from .../openssh-client_1%3a4.3p2-9etch3_i386.deb) ...
dpkg: error processing /var/cache/apt/archives/openssh-client_1%3a4.3p2-9etch3_i386.deb (--unpack):
 unable to make backup link of `./usr/bin/ssh' before installing new version: Operation not permitted
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Unpacking openssh-server (from .../openssh-server_1%3a4.3p2-9etch3_i386.deb) ...
dpkg: error processing /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb (--unpack):
 unable to make backup link of `./usr/sbin/sshd' before installing new version: Operation not permitted
Errors were encountered while processing:
 /var/cache/apt/archives/openssh-client_1%3a4.3p2-9etch3_i386.deb
 /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install.  Trying to recover:

then tried this...
Code: Select all
 # dpkg -i --force-all /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb
(Reading database ... 243340 files and directories currently installed.)
Unpacking openssh-server (from .../openssh-server_1%3a4.3p2-9etch3_i386.deb) ...
dpkg: error processing /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb (--install):
 unable to make backup link of `./usr/sbin/sshd' before installing new version: Operation not permitted
Errors were encountered while processing:
 /var/cache/apt/archives/openssh-server_1%3a4.3p2-9etch3_i386.deb


finally I tried this
Code: Select all
# ls -l /usr/bin/ssh*
-rwxr-xr-x 1 root root 187460 2007-03-24 08:29 /usr/bin/ssh

# mv /usr/bin/ssh /usr/bin/ssh.old
mv: cannot move `/usr/bin/ssh' to `/usr/bin/ssh.old': Operation not permitted


grrr. any other ideas?
I think building it from source is a cop-out, it wont really find the underlying problem experienced here for everyone else.
How do I file a bug report??
plewright
 
Posts: 4
Joined: 2008-09-17 14:06

Postby Pick2 » 2008-09-18 12:12

Assuming ssh daemon is running at start-up , maybe the Secure part won't let you change it , or stop it to upgrade it ?
Have you tried booting to single user mode , can it be updated from there ?
User avatar
Pick2
 
Posts: 797
Joined: 2007-07-07 13:31
Location: Decatur Il

Postby trey » 2008-09-18 15:57

lsattr /usr/bin/ssh
chattr -i /usr/bin/ssh (if 'i' is set)
trey
 
Posts: 119
Joined: 2005-06-09 17:47

Postby plewright » 2008-09-18 21:58

Thanks trey, Ive never seen lsattr, or chattr
But no luck...
Code: Select all
# lsattr /usr/bin/ssh
su--ia------------ /usr/bin/ssh

# chattr -i /usr/bin/ssh

# lsattr /usr/bin/ssh
su---a------------ /usr/bin/ssh

# mv /usr/bin/ssh /usr/bin/ssh.old
mv: cannot move `/usr/bin/ssh' to `/usr/bin/ssh.old': Operation not permitted

I'll try single user mode and get back to you shortly.
- Nope, no luck in single user mode either.
plewright
 
Posts: 4
Joined: 2008-09-17 14:06

Postby trey » 2008-09-19 16:22

Remove all of those flags, there are none set by default. You may want to check if that ssh binary isn't backdoored.

A file with the ‘a’ attribute set can only be open in append mode for writing. Only the superuser or a proâ€
trey
 
Posts: 119
Joined: 2005-06-09 17:47

Postby plewright » 2008-09-22 10:45

Thanks to all for your help.
I have been able to remove the old ssh and install the new one.
There were a few like that for that package, scp sshd etc.
My system was indeed compromised, as my ISP canned my account because apparantly my computer was port scanning. All sorted out now.
Have locked it down a lot more securely, have removed ssh from default runlevel. Using logcheck for now, in paranoid mode, just to keep an eye on things.
Found and removed some very strange scripts under /usr/local/something
clamav didn't find anything.
There seems to be more popping up on google about this too.
Thanks again, and beware - there are some nuts loose.
plewright
 
Posts: 4
Joined: 2008-09-17 14:06

Re: Problem in updating openssh-server

Postby reitchelazan » 2010-05-30 13:43

Good tutorial for help thanks all.
u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60u60инфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфоинфо
reitchelazan
 
Posts: 1
Joined: 2010-05-30 13:40


Return to System configuration

Who is online

Users browsing this forum: No registered users and 7 guests

fashionable