search for: read_environment_file

...e the fix should be applied in the upstream sources. Thanks. > sshd (in ssh 1:1.2.3-9) in its default configuration reads > /etc/environment file twice when a user logs in: first, it is > read through pam_env module of PAM (due to the configuration > in /etc/pam.d/ssh), and then by `read_environment_file()' > function of `sshd.c' itself. > The real problem is that the syntax of /etc/environment > assumed by these are slightly different (as of pam-modules > 0.72-9 and ssh 1:1.2.3-9); for example, pam_env supports > Bourne shell-like `export' prefix and quoting (surrou...

.../session.c *** openssh-2.5.1p1/session.c Sun Feb 18 11:13:34 2001 --- openssh-2.5.1p1-1/session.c Thu Mar 1 15:46:11 2001 *************** *** 1261,1266 **** --- 1261,1269 ---- /* read $HOME/.ssh/environment. */ if (!options.use_login) { + if (options.sys_environment_file != NULL) { + read_environment_file(&env, &envsize, options.sys_environment_file); + } snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); read_environment_file(&env, &envsize, buf); diff -r -c openssh-2.5.1p1/sshd.8 openssh-2.5.1p1-1/sshd.8 *** openssh-2.5.1p1/sshd.8 Wed F...

Would anybody happen to have or know of a patch to make /etc/default/login PATH and SUPATH the default openssh path? We have customized paths for each school of engineering (each have their own customized site bin). This is easily controled with /etc/default/login. The --with-default-path option is too rigid. This is Solaris I am talking about. --mike

...sion.c 24 Jul 2002 16:55:27 -0000 @@ -899,7 +899,7 @@ auth_sock_name); /* read $HOME/.ssh/environment. */ - if (!options.use_login) { + if (options.permit_user_env && !options.use_login) { snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir); read_environment_file(&env, &envsize, buf);

Hi there. With OpenSSH 3.0.2p1 on Solaris, the locale does not appear to get set correctly at login, as it does with, say telnet: /etc/default/init: TZ=GB CMASK=022 LC_COLLATE=en_GB.ISO8859-1 LC_CTYPE=en_GB.ISO8859-1 LC_MESSAGES=C LC_MONETARY=en_GB.ISO8859-1 LC_NUMERIC=en_GB.ISO8859-1 LC_TIME=en_GB.ISO8859-1 When logging in via SSH: scot /home/scot > locale LANG=

...nv("AUTHSTATE")) != NULL) child_set_env(&env, &envsize, "AUTHSTATE", cp); if ((cp = getenv("KRB5CCNAME")) != NULL) child_set_env(&env, &envsize, "KRB5CCNAME", cp); read_environment_file(&env, &envsize, "/etc/environment"); } #endif It seems to me that this section of code takes the KRB5CCNAME from sshd (if it exists) and hands it off to the child. My question is, why would you ever want to do this? The next section of code is what confused me: #ifdef...

...in_env_size; + char *value; + + /* + * Read the assignments in file ETC_DEFAULT_LOGIN_FILENAME + * into the temporary environment default_login_env. + */ + default_login_env_size = 20; + default_login_env = xmalloc(default_login_env_size * sizeof(char *)); + default_login_env[0] = NULL; + read_environment_file(&default_login_env, &default_login_env_size, + ETC_DEFAULT_LOGIN_FILENAME); + + /* + * For each known flag in file ETC_DEFAULT_LOGIN_FILENAME + * if it is defined then set the proper environment variables. + */ + + /* Set environment variable SHELL only if ALTSHELL has value &quo...

..."log.h" #include "servconf.h" -------------- next part -------------- diff -aruN openssh-3.7.1p2.orig/session.c openssh-3.7.1p2/session.c --- openssh-3.7.1p2.orig/session.c Tue Sep 23 10:59:08 2003 +++ openssh-3.7.1p2/session.c Wed Sep 24 00:02:15 2003 @@ -1093,6 +1093,14 @@ read_environment_file(&env, &envsize, "/etc/environment"); } #endif +#ifdef HAVE_OSF_SIA + { + char *cp; + + if ((cp = getenv("KRB5CCNAME")) != NULL) + child_set_env(&env, &envsize, "KRB5CCNAME", cp); + } +#endif #ifdef KRB5 if (s->authctxt->krb5_ticket_file)...

.../environment. */ - if (options.permit_user_env && !options.use_login) { + if (!options.use_login && !auth_restricted(RESTRICT_ENV, pw)) { snprintf(buf, sizeof buf, "%.200s/.ssh/environment", strcmp(pw->pw_dir, "/") ? pw->pw_dir : ""); read_environment_file(&env, &envsize, buf); @@ -1102,6 +1100,10 @@ /* * Run $HOME/.ssh/rc, /etc/ssh/sshrc, or xauth (whichever is found * first in this order). + * + * A properly-implemented restricted shell doesn't need the + * restriction tests, but they're useful for reducing the + * amount of no...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in

...,&envsize,"KRB5CCNAME",krb5cc); + } + #ifdef KRB4 { extern char *ticket; *************** *** 2348,2353 **** --- 2395,2402 ---- if (auth_get_socket_name() != NULL) child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, auth_get_socket_name()); + + read_environment_file(&env,&envsize,"/etc/environment"); /* read $HOME/.ssh/environment. */ if (!options.use_login) { -- Matt Richards