RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@

This commit is contained in:
Darren Tucker 2006-09-09 20:41:25 +10:00
parent 19a66dbf4f
commit 733a292c11
2 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog
View File

@ -1,6 +1,7 @@
20060909 20060909
- (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h. - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h.
- (dtucker) [contrib/aix/buildbff.sh] Always create privsep user. - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user.
- (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@
20060908 20060908
- (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch - (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch
@ -5419,4 +5420,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.4539 2006/09/09 10:34:15 dtucker Exp $ $Id: ChangeLog,v 1.4540 2006/09/09 10:41:25 dtucker Exp $

10
buildpkg.sh.in
View File

@ -311,14 +311,7 @@ then
chroot=echo chroot=echo
fi fi
if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null echo "PrivilegeSeparation user always required."
then
echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
echo "or group."
else
echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
# user required?
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
then then
echo "PrivSep user $SSH_PRIVSEP_USER already exists." echo "PrivSep user $SSH_PRIVSEP_USER already exists."
@ -363,7 +356,6 @@ else
\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
} }
fi
[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
exit 0 exit 0