Displaying 17 results from an estimated 17 matches for "syslog_facility_auth".
2002 Dec 18
2
patch for openssh3.5p1 - adds logging option
...rver.c openssh-3.5p1/sftp-server.c
--- openssh-3.5p1-orig/sftp-server.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/sftp-server.c 2002-12-18 10:42:50.000000000 -0500
@@ -1021,7 +1021,7 @@
handle_init();
#ifdef DEBUG_SFTP_SERVER
- log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
+ log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0,NULL);
#endif
in = dup(STDIN_FILENO);
diff -urN openssh-3.5p1-orig/sftp.c openssh-3.5p1/sftp.c
--- openssh-3.5p1-orig/sftp.c 2002-12-18 10:10:13.000000000 -0500
+++ openssh-3.5p1/sftp.c 2002-12-18 10:43:04.00...
2000 May 29
1
Syslog facility in Linux
Hi !
While browsing Linux manpages (man 3 syslog) I noticed that the manual
says that the LOG_AUTH facility is deprecated use LOG_AUTHPRIV instead.
Is there a good reason why OpenSSH doesn't have an option to use
LOG_AUTHPRIV facility ? (Looks like that tcpd/telnet etc. use the AUTHPRIV
facility (in RH6.2)).
Shouldn't be too hard to add the AUTH_PRIV facility ?
Cheers,
-Jarno
--
2003 Aug 16
0
sftp-server (secure) chroot patch, comment fix
...oups: %.100s", strerror(errno));
+ permanently_set_uid(pw);
+}
+#endif /* CHROOT */
+
static int
errno_to_portable(int unixerrno)
{
@@ -1028,15 +1082,19 @@
int in, out, max;
ssize_t len, olen, set_size;
+#ifdef DEBUG_SFTP-SERVER
+ log_init("sftp-server", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
+#endif
+
+#ifdef CHROOT
+ chroot_init();
+#endif
+
/* XXX should use getopt */
__progname = get_progname(av[0]);
handle_init();
-#ifdef DEBUG_SFTP_SERVER
- log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
-#endif
-
in = dup(STDIN_FILENO);
out = du...
2003 Sep 30
1
[PATCH] sftp-server (secure) chroot patch, 3.7.1p2 update
...", (u_int)pw->pw_gid );
+
+ permanently_set_uid(pw);
+
+}
+#endif /* CHROOT */
+
static int
errno_to_portable(int unixerrno)
{
@@ -1028,15 +1081,19 @@
int in, out, max;
ssize_t len, olen, set_size;
+#ifdef DEBUG_SFTP_SERVER
+ log_init(\"sftp-server\", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH,
0);
+#endif
+
+#ifdef CHROOT
+ chroot_init();
+#endif
+
/* XXX should use getopt */
__progname = ssh_get_progname(av[0]);
handle_init();
-#ifdef DEBUG_SFTP_SERVER
- log_init(\"sftp-server\", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH,
0);
-#endif
-
in = dup(STDIN_FILENO);
ou...
2001 Jan 04
2
Patch to allow openssh-2.2.0-p1 to be started from /etc/inittab
...hd.c openssh-2.2.0p1-pen1/sshd.c
*** openssh-2.2.0p1/sshd.c Tue Aug 29 02:05:50 2000
--- openssh-2.2.0p1-pen1/sshd.c Thu Jan 4 23:30:46 2001
***************
*** 552,558 ****
log_init(av0,
options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility,
! !silent && !inetd_flag);
/* Read server configuration options from the configuration file. */
read_server_config(&options, config_file_name);
--- 552,558 ----
log_init(av0,
options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,...
2003 Aug 16
0
sftp-server (secure) chroot patch?
...et_uid(pw);
+}
+#endif /* CHROOT */
+
static int
errno_to_portable(int unixerrno)
{
@@ -1028,15 +1082,17 @@
int in, out, max;
ssize_t len, olen, set_size;
- /* XXX should use getopt */
+#ifdef DEBUG_SFTP-SERVER
+ log_init("sftp-server", SYSLOG_LEVEL_DEBUG3, SYSLOG_FACILITY_AUTH, 0);
+#endif
+
+#ifdef CHROOT
+ chroot_init();
+#endif
__progname = get_progname(av[0]);
handle_init();
-#ifdef DEBUG_SFTP_SERVER
- log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
-#endif
-
in = dup(STDIN_FILENO);
out =...
2001 Jun 20
1
SFTP Logging Redux.
...ULL) {
+ cuname = NULL;
+ } else {
+ cuname = upw->pw_name;
+ }
+
+ /* Initialize the parent process ID. */
+ ppid = getppid();
+
+ /* Initialize the logfile, loglevel dependent on DEBUG compile-time setting. */
#ifdef DEBUG_SFTP_SERVER
log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
+#else
+ log_init("sftp-server", SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0);
#endif
+ /* Log session start. */
+ log("(%d/%d/%s) SFTP session started.", ppid, cuid, CUNAME);
+
in = dup(STDIN_FILENO);
out = dup(STDOUT_FILENO);
@@ -1073,6 +1129,7 @@
if (select(ma...
2002 Mar 26
1
Two patches for OpenSSH 3.1p1
...*
* Force logging to stderr until we have loaded the private host
! * key (unless started from inetd)
*/
log_init(__progname,
options.log_level == SYSLOG_LEVEL_NOT_SET ?
SYSLOG_LEVEL_INFO : options.log_level,
options.log_facility == SYSLOG_FACILITY_NOT_SET ?
SYSLOG_FACILITY_AUTH : options.log_facility,
! !inetd_flag);
#ifdef _CRAY
/* Cray can define user privs drop all prives now!
--- 713,726 ----
/*
* Force logging to stderr until we have loaded the private host
! * key (unless started from inetd or init)
*/
log_init(__progname,
opti...
2001 Dec 18
1
chroot howto for sftp-server
...directory %s: %s",user_dir, strerror(errno));
+
+ setenv("HOME", new_root, 1);
+ break;
+ }
+ new_root += 2;
+ }
+}
+#endif /* CHROOT */
+
int
main(int ac, char **av)
{
@@ -1022,6 +1054,13 @@
#ifdef DEBUG_SFTP_SERVER
log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
#endif
+
+#ifdef CHROOT
+ chroot_init();
+#endif /* CHROOT */
+
+ if (setuid(getuid()) != 0)
+ fatal("Couldn't drop privileges: %s", strerror(errno));
in = dup(STDIN_FILENO);
out = dup(STDOUT_FILENO);
--
manfred heubach edv und neue medien
Hindenburgstr. 47
D-73728 Ess...
2010 Nov 02
1
SFTP subsystem and umask
Hello,
I have noticed that the -u parameter to the sftp-server or internal-sftp subsystem is not working correctly. For openssh-5.6p1 I believe that the problem lies in this code, starting at line 1414 in sftp-server.c:
----------------------------------------------------------
case 'u':
mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg);
if (errmsg != NULL)
2002 Mar 15
4
PATCH: sftp-server logging.
.... */
+ cuid = getuid();
+ if ((upw = getpwuid(cuid)) == NULL) {
+ cuname = NULL;
+ } else {
+ cuname = xstrdup(upw->pw_name);
+ }
+
+ /* Initialize the parent process ID. */
+ ppid = getppid();
+
+ /* Initialize the logfile. */
+ log_init("sftp-server", SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0);
+
+ /* Log session start. */
+ log("(%d/%d/%s) SFTP session started.", ppid, cuid, CUNAME);
+ #endif
+
#ifdef DEBUG_SFTP_SERVER
log_init("sftp-server", SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 0);
#endif
***************
*** 1087,1092 ****
--- 1292,1300 ----...
2006 Oct 09
1
About sftp-server root path
Hi,
I saw in archive that some people made a patch to sftp-server, and that patch
sets a root path.
I'd like to know if there's an ideia to apply that patch in main tree of
openssh?
With the use of SSHFS [wich uses sftp-server], it would be interesting to
have someting like that, because as we have netboot workstations, the access
to devices [such as, floppy, cdrom and usb data] are
2001 May 24
1
chroot sftp-server [PATCH]
I'm working on setting up a semi-trusted sftp service, and to get it
working, I need chroot capability.
I've taken the /./ wuftpd magic token code from contrib/chroot.diff and
put it into the sftp server. The main problem is that privileges have
been dropped by the time the subsystem is exec'ed, so my patch requires
that sftp-server be setuid root. Not ideal, I know, but I drop all
2007 Nov 11
1
ftp-server patch - restrict user to directory
...fprintf(stderr,
- "usage: %s [-he] [-l log_level] [-f log_facility]\n", __progname);
+ "usage: %s [-he] [-l log_level] [-F config_file] [-f log_facility]\n", __progname);
exit(1);
}
@@ -1215,6 +1395,7 @@
ssize_t len, olen, set_size;
SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
char *cp, buf[4*4096];
+ int config_file_mandatory = 0;
extern char *optarg;
extern char *__progname;
@@ -1225,7 +1406,7 @@
__progname = ssh_get_progname(argv[0]);
log_init(__progname, log_level, log_facility, log_stderr);
- while (!skipargs && (ch = getopt(argc, argv, "...
2020 Jan 30
6
[PATCH 1/2] Add support for openssl engine based keys
...t agent_fd;
- char *pkcs11provider = NULL, *skprovider = NULL;
+ char *pkcs11provider = NULL, *skprovider = NULL, *opensslengine = NULL;
int r, i, ch, deleting = 0, ret = 0, key_only = 0, do_download = 0;
int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;
SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
@@ -653,7 +679,7 @@ main(int argc, char **argv)
skprovider = getenv("SSH_SK_PROVIDER");
- while ((ch = getopt(argc, argv, "vkKlLcdDTxXE:e:M:m:qs:S:t:")) != -1) {
+ while ((ch = getopt(argc, argv, "vkKlLcdDTxXE:e:M:m:qs:S:t:o:")) != -1) {
switch (ch) {
case...
2001 Nov 12
4
Please test -current
Could people please test -current? We will be making a release fairly
soon.
-d
--
| By convention there is color, \\ Damien Miller <djm at mindrot.org>
| By convention sweetness, By convention bitterness, \\ www.mindrot.org
| But in reality there are atoms and space - Democritus (c. 400 BCE)
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the