Corinna Vinschen
2019-Jan-26 22:42 UTC
[PATCH 2/2] Cygwin: only tweak sshd_config file if it's new, drop creating sshd user
The sshd_config tweaks were executed even if the old file was still in place. Fix that. Also disable sshd user creation. It's not used on Cygwin. --- contrib/cygwin/ssh-host-config | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 52916d14ba94..cc36ea102f42 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config @@ -669,14 +669,24 @@ then fi # handle sshd_config +# make sure not to change the existing file +mod_before="" +if [ -e "${SYSCONFDIR}/sshd_config" ] +then + mod_before=$(stat "${SYSCONFDIR}/sshd_config" | grep '^Modify:') +fi csih_install_config "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults" || let ++warning_cnt +mod_now=$(stat "${SYSCONFDIR}/sshd_config" | grep '^Modify:') if ! /usr/bin/cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1 then sshd_config_configured=yes fi -sshd_strictmodes || let warning_cnt+=$? -sshd_privsep || let warning_cnt+=$? -sshd_config_tweak || let warning_cnt+=$? +if [ "${mod_before}" != "${mod_now}" ] +then + sshd_strictmodes || let warning_cnt+=$? + sshd_config_tweak || let warning_cnt+=$? +fi +#sshd_privsep || let warning_cnt+=$? update_services_file || let warning_cnt+=$? update_inetd_conf || let warning_cnt+=$? install_service || let warning_cnt+=$? -- 2.20.1
Damien Miller
2019-Jan-27 22:58 UTC
[PATCH 2/2] Cygwin: only tweak sshd_config file if it's new, drop creating sshd user
On Sat, 26 Jan 2019, Corinna Vinschen wrote:> The sshd_config tweaks were executed even if the old file was > still in place. Fix that. Also disable sshd user creation. > It's not used on Cygwin.This and your previous have been merged - thanks again Corinna :) -d
Corinna Vinschen
2019-Jan-28 10:23 UTC
[PATCH 2/2] Cygwin: only tweak sshd_config file if it's new, drop creating sshd user
On Jan 28 09:58, Damien Miller wrote:> On Sat, 26 Jan 2019, Corinna Vinschen wrote: > > > The sshd_config tweaks were executed even if the old file was > > still in place. Fix that. Also disable sshd user creation. > > It's not used on Cygwin. > > This and your previous have been merged - thanks again Corinna :)Thanks Damien! I have a third patch in the loop which removes the requirement to create a special privileged account. But this has to wait until after the Cygwin 3.0 release. Corinna -- Corinna Vinschen Cygwin Maintainer Red Hat -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20190128/0fa04efe/attachment.asc>
Seemingly Similar Threads
- [patch/cygwin] contrib/cygwin/ssh-host-config
- [PATCH/cygwin]: Revised sshh-host-config script
- [patch/Cygwin]: Simplify host key generation in ssh-host-config script
- [PATCH] Cygwin: rel 3.0 drops requirement for privileged non-SYSTEM account
- [PATCH] Cygwin: Change service name to cygsshd