similar to: link(2) to rename files in sftp

I'm working on setting up a semi-trusted sftp service, and to get it working, I need chroot capability. I've taken the /./ wuftpd magic token code from contrib/chroot.diff and put it into the sftp server. The main problem is that privileges have been dropped by the time the subsystem is exec'ed, so my patch requires that sftp-server be setuid root. Not ideal, I know, but I drop all

And while we are at it, can you please comment on these patches as well, originally submitted around one year ago. Oh, and I think we can agree, that the secsh-filexfer standardization is dead, so there's not much point in trying to support newer protocol versions, which don't have statfs anyway. Thanks, Miklos ----- This is needed to be able to support statfs operation on an SSH

Sftp fails to correctly preserve permissions when fetching a file. It adds write permission for the owner (presumably so it can write the file). Sftp also fails to preserve the uid/gid. Added code so that if is running as root, uid and gid are preserved. patch is based on Openssh 3.4p1. *** sftp-client.c@@\main\1 Tue Oct 1 17:26:20 2002 --- sftp-client.c Tue Nov 5 10:22:52 2002

Hello. These patches add a new mode of operation for the sftp server. It is located between the ordinary, unrestricted mode and read-only mode. It allows you to add files to the server, but only if these files do not exist on the server before. Changes to existing files - are prohibited. Please review them, maybe these patches will be useful not only to me. Thank you. -------------- next part

https://bugzilla.mindrot.org/show_bug.cgi?id=2948 Bug ID: 2948 Summary: implement "copy-data" sftp extension Product: Portable OpenSSH Version: -current Hardware: All URL: https://tools.ietf.org/html/draft-ietf-secsh-filexfer- extensions-00#section-7 OS: All Status: NEW

There are a couple of races in sftp-server as this patch shows: --- sftp-server.c 28 Jan 2003 18:06:53 -0000 1.1.1.2 +++ sftp-server.c 5 Feb 2003 19:19:42 -0000 @@ -832,19 +832,22 @@ process_rename(void) { u_int32_t id; - struct stat st; char *oldpath, *newpath; - int ret, status = SSH2_FX_FAILURE; + int status; id = get_int(); oldpath = get_string(NULL); newpath = get_string(NULL);

This is another take on logging for sftp-server. Given the number of private email requests I've received for this patch, I assume there is signifigant enough interest to request it be reviewed for inclusion into the release. The patch is against 3.1p1, and is completely disabled by default. To enable logging, one must use compile time directives (-DSFTP_LOGGING). This was done due to prior

Hi, please find a patch against openssh-4.7p1 This patch: 1) Allows for an optional configuration file 2) Allows a user to be restricted to a directory and it's children. Enjoy -- Alain Williams Linux Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer. +44 (0) 787 668 0256 http://www.phcomp.co.uk/ Parliament Hill Computers Ltd. Registration Information:

Sorry to repost, but I finally have the code on a machine that has diff -u, and I've updated it for 2.9p2. Attached is the unified diff to add logging of SFTP activity to auth.info. If there is a more proper way to contrib patches, please let me know. Cheers, Jason # "Jason A. Dour" <jason at dour.org> http://dour.org/ # Founder / Executive Producer - PJ

One of the features missing in sftp is the ability to transfer a symlink. This patch adds a new command to sftp which performs this transfer. Note that it uses messages that already exist in the protocol between client and server. This diff is based on OpenSSH 3.4p1. *** sftp-client.c@@\main\1 Tue Oct 1 17:26:20 2002 --- sftp-client.c Wed Oct 23 15:57:34 2002 *************** *** 666,672 ****

This patch adds a readonly mode to scp and sftp_server. This allows clients to only read files from the server, but not to write them. Patch is based on OpenSSH 3.4p1 *** scp.c@@\main\1 Tue Oct 1 17:25:16 2002 --- scp.c Wed Oct 2 06:05:14 2002 *************** *** 122,127 **** --- 122,130 ---- /* This is set to zero if the progressmeter is not desired. */ int showprogress = 1; + /* deny

Hi, I've discovered that on OpenSSH_3.6.1p1 (the latest SSH available on OSX, but I've also tried a couple of different linux distributions), when you 'sftp' to it, and try to 'chmod' some file or directory, only last three octal digits do actually matter. Example: sftp sshtest at localhost Connecting to localhost... sshtest at localhost's password: sftp> ls -l

On 2/17/16 3:02 PM, Carson Gaspar wrote: > > Sadly I'm hitting a different autoconf bug :-( I was being an idiot - configure was bombing out & I didn't notice (boy that openssl version error message is loooooong...) With Mr. Wilson's patch, I still get: "sandbox-solaris.c", line 22: #error: "--with-solaris-privs must be used with the Solaris sandbox"

On 2/17/16 6:02 PM, Darren Tucker wrote: > On Thu, Feb 18, 2016 at 12:43 PM, Carson Gaspar <carson at taltos.org> wrote: > [...] >> Is there a sane way to run just one test script? LTESTS can't be overridden >> AFAIK... > > make t-exec LTESTS=testname > > where testname is the name of the specific test script without the .sh > extension. Nope, that runs

Bug: all .out files get rebuilt every make. This is silly, and breaks make install if root cannot write to your build dir. Fix: add dependancy check sop .out files only get rebuilt if the source file changes FixBug: if any source file gets changed, all .out files get rebuilt. This is because man pages and config files both get .out extensions but get created differently. It's

Here's a patch that adds support for the creation of hard links over SFTP. Hard links are not used very often nowdays, but they do still have their uses and this is currently the most often requested improvement for SSHFS. To detect hard links the st_nlink, st_dev and st_ino attributes are usually used. I'll also post patches adding extensions for these and other attributes. Please

This is needed to be able to support a rename() operation conforming to POSIX in the SSH filesystem. With the rename operation defined in the SFTP spec, this is impossible, since in case the target exists it's not possible to perform the rename+unlink atomically. Miklos Index: ssh/sftp-server.c =================================================================== --- ssh.orig/sftp-server.c

On Thu, Oct 30, 2008 at 11:05 PM, Richard Elling <Richard.Elling at sun.com> wrote: > Philip Brown wrote: >> I''ve recently started down the road of production use for zfs, and am hitting my head on some paradigm shifts. I''d like to clarify whether my understanding is correct, and/or whether there are better ways of doing things. >> I have one question for

channels.h from today's CVS has MS-DOS ^M end-of-line chars. -- Carson Gaspar - carson at taltos.org Queen trapped in a butch body

Here is a new version of my partial auth patch against the April 24, 2001 CVS image. It fixes a couple of things (thanks to Karl M <karlm30 at hotmail.com>), and includes support for hostbased auth. It's still not pretty, but it works. 2 things Karl mentioned aren't fixed: - auth methods are still hard-coded into servconf.c. Fixing this would require a lot of work, and all the