The attached patch adds support for array sessions, project id's, and
system audit trail id. Arrays are available at least on UNICOS in
addition to IRIX. The project id & audit stuff is IRIX specific.
Otherwise, the IRIX support in the current OpenSSHp looks good. (There
were some utmp/wtmp oddities, but I think they've gone away in the
latest release.)
--
Mike Stone
-------------- next part --------------
*** openssh-2.1.1p1.orig/configure.in Thu Jun 08 21:58:35 EDT 2000
--- openssh-2.1.1p1/configure.in Wed Jun 21 14:16:26 EDT 2000
***************
*** 89,94 ****
--- 89,97 ----
LDFLAGS="$LDFLAGS"
MANTYPE='$(CATMAN)'
AC_MSG_WARN([*** Irix 6.x is not tested, please report you experiences *** ])
+ AC_DEFINE(WITH_ARRAY)
+ AC_DEFINE(WITH_IRIX_PROJECT)
+ AC_DEFINE(WITH_IRIX_AUDIT)
no_libsocket=1
no_libnsl=1
;;
*** openssh-2.1.1p1.orig/config.h.in Fri Jun 09 06:56:25 EDT 2000
--- openssh-2.1.1p1/config.h.in Wed Jun 21 14:17:02 EDT 2000
***************
*** 15,20 ****
--- 15,29 ----
/* Define if you want to enable AIX4's authenticate function */
#undef WITH_AIXAUTHENTICATE
+ /* Define if you have/want arrays (cluster-wide session managment, not C
arrays) */
+ #undef WITH_ARRAY
+
+ /* Define if you want IRIX project management */
+ #undef WITH_IRIX_PROJECT
+
+ /* Define if you want IRIX audit trails */
+ #undef WITH_IRIX_AUDIT
+
/* Location of random number pool */
#undef RANDOM_POOL
*** openssh-2.1.1p1.orig/session.c Wed Jun 07 07:22:38 EDT 2000
--- openssh-2.1.1p1/session.c Wed Jun 21 15:05:37 EDT 2000
***************
*** 27,32 ****
--- 27,36 ----
#include "ssh2.h"
#include "auth.h"
+ #ifdef WITH_IRIX_PROJECT
+ #include <proj.h>
+ #endif /* WITH_IRIX_PROJECT */
+
/* types */
#define TTYSZ 64
***************
*** 810,815 ****
--- 814,822 ----
extern char **environ;
struct stat st;
char *argv[10];
+ #ifdef WITH_IRIX_PROJECT
+ prid_t projid;
+ #endif /* WITH_IRIX_PROJECT */
/* login(1) is only called if we execute the login shell */
if (options.use_login && command != NULL)
***************
*** 846,851 ****
--- 853,877 ----
exit(1);
}
endgrent();
+
+ #ifdef WITH_ARRAY
+ /* initialize array session */
+ if (newarraysess() != 0)
+ fatal("Failed to set up new array session: %.100s",
+ strerror(errno));
+ #endif /* WITH_ARRAY */
+
+ #ifdef WITH_IRIX_PROJECT
+ /* initialize irix project info */
+ if ((projid = getdfltprojuser(pw->pw_name)) == -1) {
+ debug("Failed to get project id, using projid 0");
+ projid = 0;
+ }
+
+ if (setprid(projid))
+ fatal("Failed to initialize project %d for %s: %.100s",
+ (int)projid, pw->pw_name, strerror(errno));
+ #endif /* WITH_IRIX_PROJECT */
/* Permanently switch to the desired uid. */
permanently_set_uid(pw->pw_uid);
*** openssh-2.1.1p1.orig/uidswap.c Sat Apr 15 21:18:49 EDT 2000
--- openssh-2.1.1p1/uidswap.c Wed Jun 21 15:14:07 EDT 2000
***************
*** 11,16 ****
--- 11,19 ----
#include "ssh.h"
#include "uidswap.h"
+ #ifdef WITH_IRIX_AUDIT
+ #include <sat.h>
+ #endif /* WITH_IRIX_AUDIT */
/*
* Note: all these functions must work in all of the following cases:
***************
*** 83,88 ****
--- 86,99 ----
void
permanently_set_uid(uid_t uid)
{
+ #ifdef WITH_IRIX_AUDIT
+ if (sysconf(_SC_AUDIT)) {
+ debug("Setting sat id to %d", (int) uid);
+ if (satsetid(uid))
+ fatal("error setting satid: %.100s", strerror(errno));
+ }
+ #endif /* WITH_IRIX_AUDIT */
+
if (setuid(uid) < 0)
debug("setuid %d: %.100s", (int) uid, strerror(errno));
}
