bugzilla-daemon at bugzilla.mindrot.org
2019-Jun-05 15:58 UTC
[Bug 3018] New: Forwarding unix-domain sockets to/from remote homedir-relative locations
https://bugzilla.mindrot.org/show_bug.cgi?id=3018 Bug ID: 3018 Summary: Forwarding unix-domain sockets to/from remote homedir-relative locations Product: Portable OpenSSH Version: 8.0p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: dkg at fifthhorseman.net If i'm using RemoteForward or LocalForward with unix-domain sockets, sometimes i want to specify a socket that is relative to the homedir on the remote system. It would be nice to be able to specify this simply in the appropriate place in ssh_config without having to know and hard-code my homedir for each remote host into host-specific stanzas. for example, it would be nice to be able to use: ssh -o 'RemoteForward=~/.foo:~/.foo' $host and have them be relative to the respective home directories, even if it's `/home/dkg/.foo` on the local system and `/users/example.org/admin/.foo` on the remote system. I note that using relative paths for the remote side of forwarding links seems to treat them as "relative" to the root directory. so: ssh -o 'RemoteForward=foo/bar:foo/bar' $host uses /foo/bar on the remote side, but treats the local side as relative to the cwd of the ssh client (note that this gets confusing when using socket multiplexing, but that is a separate issue). I also note that it might be nice to have other expansions besides the homedir, which makes me wonder whether it might make more sense to use tokens here (c.f. "TOKENS" section in sshd_config(5), at least %h and %U and %u), so that we could use: ssh -o 'RemoteForward=%h/.foo:/home/dkg/.foo' $host But i don't know how to introduce such a change without breaking some potential existing configurations. Perhaps if the Unix-domain socket path is prefixed with a !, then the tokens would be applied? I think this would need to be handled on both the ssh and sshd side to make it work, though, and we'd need to sort out whether to retcon this into the definition of `streamlocal` extension (defined in section 2.4 of PROTOCOL) or to define a new extension. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2020-Jan-13 17:10 UTC
[Bug 3018] Forwarding unix-domain sockets to/from remote homedir-relative locations
https://bugzilla.mindrot.org/show_bug.cgi?id=3018 J?r?me Carretero <cJ-mr at zougloub.eu> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cJ-mr at zougloub.eu --- Comment #1 from J?r?me Carretero <cJ-mr at zougloub.eu> --- When the session subprocess is created, its cwd is /. Given that a user can always access / using an absolute path, maybe it would be reasonable to chdir to the user's $HOME if it exists? Then a relative path (without the need of ~-expanding) in the expression of RemoteForward would be relative to $HOME... -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Sep-14 11:55 UTC
[Bug 3018] Forwarding unix-domain sockets to/from remote homedir-relative locations
https://bugzilla.mindrot.org/show_bug.cgi?id=3018 Celeste Liu <CoelacanthusHex at gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |CoelacanthusHex at gmail.com -- You are receiving this mail because: You are watching the assignee of the bug.