[arch-general] WARNING: openntpd upgrade breaks openssh on next restart
Hey,
I made a screwup on the openntpd package which nastily reveals a weakness in openssh and filesystems. I moved away from using /var/empty/ as a privsep directory, and removed the directory from the package. But since it's empty, it got removed from the system as well in the upgrade.
So if you're using openntpd and openssh, BE EXTRA CAREFUL with your next upgrade. openssh does not start if /var/empty/ is not there.
Quick fix: after doing pacman -Suy, do mkdir /var/empty as root.
Longer fix: openssh, or perhaps the filesystems package should create /var/empty/ and put a hidden file in it so idiots like me won't cause accidents in the future.
--vk
On Mon, Nov 2, 2009 at 09:48, Vesa Kaihlavirta <vpkaihla@gmail.com> wrote:
Hey,
I made a screwup on the openntpd package which nastily reveals a weakness in openssh and filesystems. I moved away from using /var/empty/ as a privsep directory, and removed the directory from the package. But since it's empty, it got removed from the system as well in the upgrade.
So if you're using openntpd and openssh, BE EXTRA CAREFUL with your next upgrade. openssh does not start if /var/empty/ is not there.
Quick fix: after doing pacman -Suy, do mkdir /var/empty as root.
Longer fix: openssh, or perhaps the filesystems package should create /var/empty/ and put a hidden file in it so idiots like me won't cause accidents in the future.
Correction: the latest openssh package (3.5p1-2) works around missing /var/empty by creating it in rc.d daemon.
P.S.: I'm not sure putting a hidden file in /var/empty is not against its purpose (which I suppose is "to be empty").
We are discussing ways to eliminate the problem completely.
-- Roman Kyrylych (Роман Кирилич)
On Mon, Nov 2, 2009 at 10:25 AM, Roman Kyrylych <roman.kyrylych@gmail.com> wrote:
Correction: the latest openssh package (3.5p1-2) works around missing /var/empty by creating it in rc.d daemon.
Ah yes, good. I did notice the thread elsewhere, just thought I'll emphasize a bit to lower the number of broken headless opensshs out there...
P.S.: I'm not sure putting a hidden file in /var/empty is not against its purpose (which I suppose is "to be empty").
Indeed. --vk
participants (2)
- Roman Kyrylych
- Vesa Kaihlavirta
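A post-upgrade check for the situation described in this thread, as an added example that is not part of the original messages or of any Arch package: it verifies that a privsep directory exists and meets what sshd(8) documents for /var/empty (owned by root, not group or world-writable, containing no files). The function name check_privsep_dir and its optional second argument are hypothetical, and GNU stat is assumed.

```shell
# check_privsep_dir DIR [OWNER_UID]   (hypothetical helper, added example)
# Audits an sshd privilege-separation directory such as /var/empty.
# Prints one finding per line; returns 0 when usable, 1 otherwise.
# Assumes GNU coreutils stat(1), as shipped on Arch Linux.
check_privsep_dir() {
    dir=$1
    want_uid=${2:-0}    # root by default; overridable so the check can be tested
    rc=0

    # A symlink or a non-directory in place of the directory is not acceptable.
    if [ -L "$dir" ]; then
        echo "BADTYPE: $dir is a symlink"
        return 1
    elif [ ! -e "$dir" ]; then
        echo "MISSING: $dir does not exist (quick fix from the thread: mkdir $dir as root)"
        return 1
    elif [ ! -d "$dir" ]; then
        echo "BADTYPE: $dir is not a directory"
        return 1
    fi

    owner=$(stat -c %u "$dir")    # numeric owner uid
    mode=$(stat -c %a "$dir")     # octal permission bits, e.g. 755

    if [ "$owner" != "$want_uid" ]; then
        echo "OWNER: $dir is owned by uid $owner, expected $want_uid"
        rc=1
    fi
    # 022 masks the group-write and world-write bits.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "WRITABLE: $dir has mode $mode (group or world writable)"
        rc=1
    fi
    # ls -A lists dotfiles too, so a hidden placeholder file is reported.
    if [ -n "$(ls -A "$dir")" ]; then
        echo "NOTEMPTY: $dir contains entries"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then
        echo "OK: $dir is usable as a privsep directory"
    fi
    return "$rc"
}
```

Run as `check_privsep_dir /var/empty` after the upgrade and before restarting sshd on a headless machine.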