bugzilla-daemon at mindrot.org
2020-Aug-31 16:53 UTC
[Bug 3207] New: Match blocks ignored in files processed by Include
https://bugzilla.mindrot.org/show_bug.cgi?id=3207 Bug ID: 3207 Summary: Match blocks ignored in files processed by Include Product: Portable OpenSSH Version: 8.3p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org Reporter: devel at sapphirepaw.org Setup: main config file with "Include /etc/ssh/sshd_config.d/*.conf" line as the first active directive. Create /etc/ssh/sshd_config.d/test.conf with: Match Group sftponly ForceCommand internal-sftp ChrootDirectory /sftp Now, assuming a working chroot layout (/sftp owned root:root, /sftp/home/testuser exists, testuser is in group sftponly and their home dir is /home/testuser), run: sshd -C 'user=testuser' -T The ForceCommand and ChrootDirectory are not applied, both according to the test output, and in practice. Note that no error is generated. An inverted approach will chroot all users, thus proving that the config itself is successfully being loaded: ChrootDirectory /sftp Match Group ssh-users ChrootDirectory none Observed in Ubuntu 20.04, and unmodified builds of the 8.2p1 and 8.3p1 releases. The man page does not indicate this limitation. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2020-Sep-01 01:59 UTC
[Bug 3207] Match blocks ignored in files processed by Include
https://bugzilla.mindrot.org/show_bug.cgi?id=3207 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |djm at mindrot.org Resolution|--- |DUPLICATE --- Comment #1 from Damien Miller <djm at mindrot.org> --- *** This bug has been marked as a duplicate of bug 3122 *** -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Mar-03 22:52 UTC
[Bug 3207] Match blocks ignored in files processed by Include
https://bugzilla.mindrot.org/show_bug.cgi?id=3207 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #2 from Damien Miller <djm at mindrot.org> --- close bugs that were resolved in OpenSSH 8.5 release cycle -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
Possibly Parallel Threads
- [Bug 2282] New: When group member count exceeds 126, config reliant fails
- setting umask for internal-sftp users
- Syslog for chroot-jailed SFTP users?
- can you stop the trouble with file masks and default permissions?
- [Bug 1616] New: root owned empty subdirs are deletable by chroot users