> Would anybody happen to have or know of a patch to make /etc/default/login
> PATH and SUPATH the default openssh path? We have customized paths for each
> school of engineering (each have their own customized site bin). This is
> easily controled with /etc/default/login. The --with-default-path option
> is too rigid. This is Solaris I am talking about.
My patch below adds an "sshd_config" option called
"SysEnvFile".
The new setting allows you to specify an arbitrary default environment
for SSH login sessions.
(Curiously, similar behavior is available for AIX users --
check "session.c" for AIX-related #ifdef's and you'll see what
I mean.)
--
Adam Tilghman | Systems Support / Academic Computing | +1 858 822 0711
agt at ucsd.edu | University of California, San Diego | fax +1 858 534 7018
diff -r -c openssh-2.5.1p1/servconf.c openssh-2.5.1p1-1/servconf.c
*** openssh-2.5.1p1/servconf.c Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.c Thu Mar 1 15:45:03 2001
***************
*** 81,86 ****
--- 81,87 ----
options->challenge_reponse_authentication = -1;
options->permit_empty_passwd = -1;
options->use_login = -1;
+ options->sys_environment_file = NULL;
options->allow_tcp_forwarding = -1;
options->num_allow_users = 0;
options->num_deny_users = 0;
***************
*** 210,216 ****
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
! sUseLogin, sAllowTcpForwarding,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
sMaxStartups,
--- 211,217 ----
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
! sUseLogin, sSysEnvFile, sAllowTcpForwarding,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
sMaxStartups,
***************
*** 261,266 ****
--- 262,268 ----
{ "strictmodes", sStrictModes },
{ "permitemptypasswords", sEmptyPasswd },
{ "uselogin", sUseLogin },
+ { "sysenvfile", sSysEnvFile },
{ "randomseed", sRandomSeedFile },
{ "keepalive", sKeepAlives },
{ "allowtcpforwarding", sAllowTcpForwarding },
***************
*** 583,588 ****
--- 585,594 ----
case sUseLogin:
intptr = &options->use_login;
goto parse_flag;
+
+ case sSysEnvFile:
+ charptr = &options->sys_environment_file;
+ goto parse_filename;
case sGatewayPorts:
intptr = &options->gateway_ports;
diff -r -c openssh-2.5.1p1/servconf.h openssh-2.5.1p1-1/servconf.h
*** openssh-2.5.1p1/servconf.h Wed Feb 14 19:08:27 2001
--- openssh-2.5.1p1-1/servconf.h Thu Mar 1 15:46:40 2001
***************
*** 93,98 ****
--- 93,99 ----
int permit_empty_passwd; /* If false, do not permit empty
* passwords. */
int use_login; /* If true, login(1) is used */
+ char *sys_environment_file;
int allow_tcp_forwarding;
u_int num_allow_users;
char *allow_users[MAX_ALLOW_USERS];
diff -r -c openssh-2.5.1p1/session.c openssh-2.5.1p1-1/session.c
*** openssh-2.5.1p1/session.c Sun Feb 18 11:13:34 2001
--- openssh-2.5.1p1-1/session.c Thu Mar 1 15:46:11 2001
***************
*** 1261,1266 ****
--- 1261,1269 ----
/* read $HOME/.ssh/environment. */
if (!options.use_login) {
+ if (options.sys_environment_file != NULL) {
+ read_environment_file(&env, &envsize,
options.sys_environment_file);
+ }
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
pw->pw_dir);
read_environment_file(&env, &envsize, buf);
diff -r -c openssh-2.5.1p1/sshd.8 openssh-2.5.1p1-1/sshd.8
*** openssh-2.5.1p1/sshd.8 Wed Feb 14 19:08:28 2001
--- openssh-2.5.1p1-1/sshd.8 Thu Mar 1 16:03:04 2001
***************
*** 669,674 ****
--- 669,681 ----
file transfer subsystem.
By default no subsystems are defined.
Note that this option applies to protocol version 2 only.
+ .It Cm SysEnvFile
+ Specifies a file containing the system-wide default environment in
+ .Dq VARNAME=value
+ format (default is none.) The contents of a user's
+ .Pa $HOME/.ssh/environment
+ file, if found, will override variables set within the
+ .Cm SysEnvFile .
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
.Nm sshd .