search for: with_selinux

...-3.9p1_vanilla/auth.h openssh-3.9p1_selinux/auth.h --- openssh-3.9p1_vanilla/auth.h 2004-05-24 02:36:23.000000000 +0200 +++ openssh-3.9p1_selinux/auth.h 2004-09-07 18:03:09.000000000 +0200 @@ -57,6 +57,9 @@ char *service; struct passwd *pw; /* set if 'valid' */ char *style; +#ifdef WITH_SELINUX + char *role; +#endif void *kbdintctxt; #ifdef BSD_AUTH auth_session_t *as; diff -u --new-file --recursive openssh-3.9p1_vanilla/auth1.c openssh-3.9p1_selinux/auth1.c --- openssh-3.9p1_vanilla/auth1.c 2004-08-12 14:40:25.000000000 +0200 +++ openssh-3.9p1_selinux/auth1.c 2004-09-07 18:04:03.0...

...cludes "exit(1)" just after the password change. static void do_pwchange(Session *s) { fflush(NULL); fprintf(stderr, "WARNING: Your password has expired.\n"); if (s->ttyfd != -1) { fprintf(stderr, "You must change your password now and login again!\n"); #ifdef WITH_SELINUX setexeccon(NULL); #endif #ifdef PASSWD_NEEDS_USERNAME execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name, (char *)NULL); #else execl(_PATH_PASSWD_PROG, "passwd", (char *)NULL); #endif perror("passwd"); } else { fprintf(stderr, "Password change require...

Hi, (please CC me as I'm not subscribed to the list) If compiled with SELinux support, OpenSSH 4.8 current cvs fails for accounts where the new ChrootDirectory option is active : debug1: PAM: establishing credentials debug3: PAM: opening session debug2: User child is on pid 1695 debug3: mm_request_receive entering debug1: PAM: establishing credentials debug3: safely_chroot: checking

OpenSSH 5.7 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,

<snip> > @@ -3157,19 +3155,18 @@ LIBSELINUX="" > AC_ARG_WITH(selinux, > [ --with-selinux Enable SELinux support], > [ if test "x$withval" != "xno" ; then > + save_LIBS="$LIBS" > AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) > SELINUX_MSG="yes" > AC_CHECK_HEADER([selinux/selinux.h], , > AC_MSG_ERROR(SELinux support requires selinux.h header)) > AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], > AC_MSG_ERROR(S...

---------------------------------------------------- Summary: fix a memory leak for Openssh ---------------------------------------------------- Upstream Project Name: OpenSSH Upstream Project URL: anoncvs at anoncvs.mindrot.org:/cvs Applies to: anoncvs at anoncvs.mindrot.org:/cvs Brief Description: the memory which is allocated by matchpathcon should be freed after it is used Will Submit to:

...nbsd-compat/port-linux.c @@ -217,8 +217,10 @@ ssh_selinux_setfscreatecon(const char *p setfscreatecon(NULL); return; } - if (matchpathcon(path, 0700, &context) == 0) + if (matchpathcon(path, 0700, &context) == 0) { setfscreatecon(context); + freecon(context); + } } #endif /* WITH_SELINUX */

...compat/port-linux.c @@ -217,8 +217,10 @@ ssh_selinux_setfscreatecon(const char *p setfscreatecon(NULL); return; } - if (matchpathcon(path, 0700, &context) == 0) + if (matchpathcon(path, 0700, &context) == 0) { setfscreatecon(context); + freecon(context); + } } #endif /* WITH_SELINUX */

...ing "aide --update", I'm getting this warning message on /var/log/messages "aide: Libgcrypt warning: missing initialization - please fix the application" Below is the aide version installed: aide -v Aide 0.13.1 Compiled with the following options: WITH_MMAP WITH_POSIX_ACL WITH_SELINUX WITH_XATTR WITH_LSTAT64 WITH_READDIR64 WITH_GCRYPT WITH_AUDIT CONFIG_FILE = "/etc/aide.conf" Anyone getting similar message when running aide? New Email addresses available on Yahoo! Get the Email name you&#39;ve always wanted on the new @ymail and @rocketmail. Hurry before...

...SHDLIBS -ldl" ;; esac fi - AC_SUBST(LIBPAM) fi ] ) @@ -3157,19 +3155,18 @@ LIBSELINUX="" AC_ARG_WITH(selinux, [ --with-selinux Enable SELinux support], [ if test "x$withval" != "xno" ; then + save_LIBS="$LIBS" AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.]) SELINUX_MSG="yes" AC_CHECK_HEADER([selinux/selinux.h], , AC_MSG_ERROR(SELinux support requires selinux.h header)) AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ], AC_MSG_ERROR(SELinux support requires l...

Hello All. How do I find out what flags were used to compile the Centos openldap-2.3.27-8.el5_2.4 rpm package? I'm specifically wondering if it was compiled with --enable-lmpasswd Thanks! -- Flambeau Inc. Technology Center - Baraboo, WI Email : tblader at flambeau.com Keyserver: http://pgp.mit.edu KeyID: 0x00E9EC2C

https://bugzilla.mindrot.org/show_bug.cgi?id=1470 Summary: adjust Linux out-of-memory killer to stop sshd being killed Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: All URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=34176 7 OS/Version: Linux

Hi If I try to run configure for openssh-5.1p1 with --wtih-selinux option it fails giving the error "selinux support requires selinux library" all of the below also dont work a) --wtih-selinux b) --wtih-selinux=path of cross complied library c) LDFLAGS=-Lpath of cross complied library if I remove --wtih-selinux option I am able to everything is fine. How to solve this error? Thanks

https://bugzilla.mindrot.org/show_bug.cgi?id=1637 Summary: Change the context when starting internal-sftp Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1850 Summary: Build fails when SELinux is enabled Product: Portable OpenSSH Version: 5.7p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: unassigned-bugs at mindrot.org ReportedBy:

Hi, The 4.4p1 release is approaching now, so we are now asking people to actively test snapshots or CVS and report back to the mailing list. Snapshots are available from http://www.mindrot.org/openssh_snap or from any of the mirrors listed on http://www.openssh.org/portable.html The latter page also includes instructions for checking out portable OpenSSH via anonymous CVS. This release