diff options
author | Andrey A. Chernov <ache@FreeBSD.org> | 1999-02-06 01:40:35 +0000 |
---|---|---|
committer | Andrey A. Chernov <ache@FreeBSD.org> | 1999-02-06 01:40:35 +0000 |
commit | 7a7ea0c942ff782a12a7ba0d5a534c8e4a6f85ab (patch) | |
tree | e2419653d4ff522fee3a7cb97a222c94bf36d139 /security/ssh2/files/patch-ai | |
parent | Switch the maintainer to Mr.Kiriake. (diff) |
Use setusercontext() now to set all sort of login things including env.
variables and priority!
Enable light debugging for compatibility with -v option
Don't print "No mail." - not in BSD login style.
Notes
Notes:
svn path=/head/; revision=16549
Diffstat (limited to '')
-rw-r--r-- | security/ssh2/files/patch-ai | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/security/ssh2/files/patch-ai b/security/ssh2/files/patch-ai new file mode 100644 index 000000000000..600c48ead9c8 --- /dev/null +++ b/security/ssh2/files/patch-ai @@ -0,0 +1,46 @@ +--- lib/sshsession/sshunixuser.c.orig Fri Jan 29 12:06:07 1999 ++++ lib/sshsession/sshunixuser.c Sat Feb 6 03:00:28 1999 +@@ -55,6 +55,10 @@ + #include "tcbc2.h" + #endif /* HAVE_OSF1_C2_SECURITY */ + ++#ifdef HAVE_LOGIN_CAP_H ++#include <login_cap.h> ++#endif /* HAVE_LOGIN_CAP_H */ ++ + extern char *crypt(const char *key, const char *salt); + + /* Data type to hold machine-specific user data. */ +@@ -713,6 +717,24 @@ + /* Set uid, gid, and groups. */ + if (getuid() == UID_ROOT || geteuid() == UID_ROOT) + { ++#ifdef HAVE_LOGIN_CAP_H ++ struct passwd *pwd; ++ ++ pwd = getpwnam(ssh_user_name(uc)); ++ if (!pwd) ++ { ++ ssh_debug("ssh_user_become: getpwnam: %s", strerror(errno)); ++ return FALSE; ++ } ++ if (setusercontext(NULL, pwd, ssh_user_uid(uc), ++ LOGIN_SETALL & ~(LOGIN_SETLOGIN|LOGIN_SETPATH|LOGIN_SETENV)) != 0) ++ { ++ ssh_debug("ssh_user_become: setusercontext: %s", strerror(errno)); ++ return FALSE; ++ } ++ endpwent(); ++ endgrent(); ++#else + if (setgid(ssh_user_gid(uc)) < 0) + { + ssh_debug("ssh_user_become: setgid: %s", strerror(errno)); +@@ -745,6 +767,7 @@ + (int)ssh_user_uid(uc), strerror(errno)); + return FALSE; + } ++#endif /* HAVE_LOGIN_CAP_H */ + } + + if (getuid() != ssh_user_uid(uc) || geteuid() != ssh_user_uid(uc)) |