Corinna Vinschen
2008-Nov-07 10:54 UTC
[PATCH/cygwin] Fix cygwin specific Makefile and a bug in the ssh-host-config script
Hi, could somebody be so kind to check in the follwoing patch? It fixes two problems: - contrib/cygwin/Makefile: Installs new docs and stops trying to install RFC.nroff. - contrib/cygwin/ssh-host-config: Fixes a condition which tries to find out if ssh or sshd processes are still running. The old version unfortunately stumbles over user names which contain the substring "ssh" :} Thanks in advance, Corinna Index: contrib/cygwin/Makefile ==================================================================RCS file: /cvs/openssh/contrib/cygwin/Makefile,v retrieving revision 1.3 diff -u -p -r1.3 Makefile --- contrib/cygwin/Makefile 14 Jul 2008 02:12:54 -0000 1.3 +++ contrib/cygwin/Makefile 7 Nov 2008 10:49:30 -0000 @@ -38,11 +38,13 @@ install-sshdoc: $(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(sshdocdir)/ChangeLog $(INSTALL) -m 644 $(srcdir)/LICENCE $(DESTDIR)$(sshdocdir)/LICENCE $(INSTALL) -m 644 $(srcdir)/OVERVIEW $(DESTDIR)$(sshdocdir)/OVERVIEW + $(INSTALL) -m 644 $(srcdir)/PROTOCOL $(DESTDIR)$(sshdocdir)/PROTOCOL + $(INSTALL) -m 644 $(srcdir)/PROTOCOL.agent $(DESTDIR)$(sshdocdir)/PROTOCOL.agent $(INSTALL) -m 644 $(srcdir)/README $(DESTDIR)$(sshdocdir)/README $(INSTALL) -m 644 $(srcdir)/README.dns $(DESTDIR)$(sshdocdir)/README.dns + $(INSTALL) -m 644 $(srcdir)/README.platform $(DESTDIR)$(sshdocdir)/README.platform $(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep $(INSTALL) -m 644 $(srcdir)/README.smartcard $(DESTDIR)$(sshdocdir)/README.smartcard - $(INSTALL) -m 644 $(srcdir)/RFC.nroff $(DESTDIR)$(sshdocdir)/RFC.nroff $(INSTALL) -m 644 $(srcdir)/TODO $(DESTDIR)$(sshdocdir)/TODO $(INSTALL) -m 644 $(srcdir)/WARNING.RNG $(DESTDIR)$(sshdocdir)/WARNING.RNG Index: contrib/cygwin/ssh-host-config ==================================================================RCS file: /cvs/openssh/contrib/cygwin/ssh-host-config,v retrieving revision 1.22 diff -u -p -r1.22 ssh-host-config --- contrib/cygwin/ssh-host-config 14 Jul 2008 02:12:54 -0000 1.22 +++ contrib/cygwin/ssh-host-config 7 Nov 2008 10:49:30 -0000 @@ -456,7 +456,7 @@ done # Check for running ssh/sshd processes first. Refuse to do anything while # some ssh processes are still running -if ps -ef | grep -v grep | grep -q ssh +if ps -ef | grep -v grep | grep -q 'sshd*$' then echo csih_error "There are still ssh processes running. Please shut them down first." -- Corinna Vinschen Cygwin Project Co-Leader Red Hat
Daniel Kahn Gillmor
2008-Nov-07 14:23 UTC
[PATCH/cygwin] Fix cygwin specific Makefile and a bug in the ssh-host-config script
On Fri 2008-11-07 05:54:58 -0500, Corinna Vinschen wrote:> diff -u -p -r1.22 ssh-host-config > --- contrib/cygwin/ssh-host-config 14 Jul 2008 02:12:54 -0000 1.22 > +++ contrib/cygwin/ssh-host-config 7 Nov 2008 10:49:30 -0000 > @@ -456,7 +456,7 @@ done > > # Check for running ssh/sshd processes first. Refuse to do anything while > # some ssh processes are still running > -if ps -ef | grep -v grep | grep -q ssh > +if ps -ef | grep -v grep | grep -q 'sshd*$' > then > echo > csih_error "There are still ssh processes running. Please shut them down first."This regular expression seems to match any line that ends in sshddddd... That is, sshd* matches sshd followed by any number of d characters. Is that really what is intended? I don't run any cygwin systems any more, so i can't be certain that this incorrect, but it seems unlikely to me. Also, it seems that this check (with the grep -v grep) will also *miss* any processes owned by usernames that contain the string "grep". On my debian box, some sshd processes look like this due to privsep (e.g. for the sales representative for bags and backpacks): bagrep 26479 26476 0 01:02 ? 00:00:00 sshd: bagrep at pts/5 If you're trying to match this kind of process, it would get missed by the above invocation. Are you trying to match running sshd processes that have *not* dropped privileges yet? or all sshd processes? Sorry for not knowing more about cygwin and not being more helpful. --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20081107/8e6c03e9/attachment.bin
Daniel Kahn Gillmor
2008-Nov-07 14:46 UTC
[PATCH/cygwin] Fix cygwin specific Makefile and a bug in the ssh-host-config script
On Fri 2008-11-07 05:54:58 -0500, Corinna Vinschen wrote:> diff -u -p -r1.22 ssh-host-config > --- contrib/cygwin/ssh-host-config 14 Jul 2008 02:12:54 -0000 1.22 > +++ contrib/cygwin/ssh-host-config 7 Nov 2008 10:49:30 -0000 > @@ -456,7 +456,7 @@ done > > # Check for running ssh/sshd processes first. Refuse to do anything while > # some ssh processes are still running > -if ps -ef | grep -v grep | grep -q ssh > +if ps -ef | grep -v grep | grep -q 'sshd*$' > then > echo > csih_error "There are still ssh processes running. Please shut them down first."Sorry: i should have offered a solution to the grep -v grep thing instead of just pointing out the problem. One way to avoid grep matching itself when scanning the process table is to use a non-self-matching regex. So for example, instead of doing: ps -ef | grep -q 'sshd' You could do: ps -ef | grep -q '[s]shd' which means the same thing from a regex perspective, but does not self-match: [0 dkg at squeak ~]$ echo 'grep -q sshd' | grep 'sshd' grep -q sshd [0 dkg at squeak ~]$ echo 'grep -q [s]shd' | grep '[s]shd' [1 dkg at squeak ~]$ Most non-literals like $ (meaning end of line) are sufficient for this also, since grep -q sshd$ does not self-match: [0 dkg at squeak ~]$ echo 'grep -q sshd$' | grep -q sshd$ [1 dkg at squeak ~]$ hth, --dkg -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 826 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20081107/dc5f6b98/attachment.bin