mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-24 19:02:06 +00:00
- (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
set up SELinux execution context before chroot() call. From Russell Coker via Colin watson; bz#1726 ok dtucker@
This commit is contained in:
parent
44451d0af8
commit
8b90642fcf
@ -8,6 +8,9 @@
|
||||
[servconf.c]
|
||||
from portable: getcwd(NULL, 0) doesn't work on all platforms, so
|
||||
use a stack buffer; ok dtucker@
|
||||
- (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
|
||||
set up SELinux execution context before chroot() call. From Russell
|
||||
Coker via Colin watson; bz#1726 ok dtucker@
|
||||
|
||||
20100324
|
||||
- (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
|
||||
|
@ -1551,6 +1551,10 @@ do_setusercontext(struct passwd *pw)
|
||||
}
|
||||
#endif /* HAVE_SETPCRED */
|
||||
|
||||
#ifdef WITH_SELINUX
|
||||
ssh_selinux_setup_exec_context(pw->pw_name);
|
||||
#endif
|
||||
|
||||
if (options.chroot_directory != NULL &&
|
||||
strcasecmp(options.chroot_directory, "none") != 0) {
|
||||
tmp = tilde_expand_filename(options.chroot_directory,
|
||||
@ -1575,10 +1579,6 @@ do_setusercontext(struct passwd *pw)
|
||||
|
||||
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
|
||||
fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
|
||||
|
||||
#ifdef WITH_SELINUX
|
||||
ssh_selinux_setup_exec_context(pw->pw_name);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void
|
||||
|
Loading…
Reference in New Issue
Block a user