similar to: [patch] Incorrect umask in FreeBSD

Displaying 20 results from an estimated 300 matches similar to: "[patch] Incorrect umask in FreeBSD"

2002 Jun 25
3
BSD/OS with privsep
I need this for BSD/OS 4.2 + privsep perhaps we should not call do_setusercontext() after chroot(). --- sshd.c.orig Fri Jun 21 03:09:47 2002 +++ sshd.c Tue Jun 25 13:11:03 2002 @@ -548,21 +548,35 @@ /* Change our root directory*/ if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, strerror(errno)); if
2006 Apr 27
0
bug in OpenSSH_4.3p2: pam_open_session() called but not close for root users
For root sessions pam_open_session is called, but not pam_close_session. sshd behavior is broken for root logins because if pam session is run from the child, close is never called due to exec: on open since use_privsep is not set, parent calls do_exec_pty(), which does not open session. then, it skips calling do_setusercontext(), so it does not open session. child calls
2000 Feb 27
0
[PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH
This patch revive almost all login.conf and password/account expiration features, makes OpenSSH more FreeBSD login compatible and fix non-critical memory leak. Please review and commit. --- sshd.c.old Fri Feb 25 08:23:45 2000 +++ sshd.c Sun Feb 27 02:53:33 2000 @@ -37,9 +37,8 @@ #endif /* LIBWRAP */ #ifdef __FreeBSD__ -#include <libutil.h> -#include <syslog.h> #define LOGIN_CAP
2003 Sep 23
1
3.7.1p1 appears to break pam session.
Hi, I am running FreeBSD 4.7 and openssh 3.7.1p1. I have enabled PAM usage and indeed, I can use PAM for authentication purposes. Since configure does login_cap.h, the preprocessor is side stepping do_pam_session() altogether in session.c:do_setusercontext(). Here is my patch for session.c. My understanding about portability issues is rather limited. I would very much appreciate if you
2002 Jun 25
0
[Bug 298] New: sshd fails to set user context, preventing all logins, also setgroups is failing
http://bugzilla.mindrot.org/show_bug.cgi?id=298 Summary: sshd fails to set user context, preventing all logins, also setgroups is failing Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: BSDI Status: NEW Severity: major Priority: P2 Component: sshd
2024 Jul 30
11
[Bug 3715] New: safely_chroot is a little too restrictive: noexec or nosuid should be enough
https://bugzilla.mindrot.org/show_bug.cgi?id=3715 Bug ID: 3715 Summary: safely_chroot is a little too restrictive: noexec or nosuid should be enough Product: Portable OpenSSH Version: 9.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5
2000 Oct 07
0
OpenSSH changes for BSD/OS
The following are patches against openssh 2.1.1p4 to add support for the BSD_AUTH authentication mechanisms. It allows the use of non-challenge/response style mechanisms (which styles are allowed my be limited by appropriate auth-ssh entries in login.conf). The patches also add support for calling setusercontext for the appropriate class when called with a command (so that the PATH, limits,
2001 Feb 16
1
OpenSSH 2.3.0p1 port to BSDI BSD/OS
BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's authentication library. However, BSDI's patches have several problems: 1. They don't run the approval phase, so they can allow users to login who aren't supposed to be able to. 2. They don't patch configure to automatically detect the BSDI auth system, so they're not ready to use in a general portable
2001 Jul 20
0
Updated chroot patch
This is the patch part of contrib/chroot.diff updated to be appliable against openssh-2.9p2. Tested on FreeBSD (various 3.x and 4.x) without PAM or UseLogin. Also, as part of deployment (replacing emergency-withdrawal of Telnet access) I've chosen to get sftp on the relevant boxes. The deployment had a scriptlet doing the config/make/etc and after the "make install" would change
2002 Jun 26
4
[Bug 298] sshd fails to set user context, preventing all logins, also setgroups is failing
http://bugzilla.mindrot.org/show_bug.cgi?id=298 ------- Additional Comments From sshbugs at wayne47.com 2002-06-26 11:05 ------- Problem appears to be that setusercontext is being called after a chroot. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
2002 Nov 26
0
[Bug 446] New: $LOGIN not set by openssh under AIX
http://bugzilla.mindrot.org/show_bug.cgi?id=446 Summary: $LOGIN not set by openssh under AIX Product: Portable OpenSSH Version: -current Platform: All OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: mii at
2002 Jul 04
4
Chroot patch (v3.4p1)
The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2
2008 Nov 05
1
openssh on interix
Hi openssh developers, I'm trying to port openssh to Interix. See [1] for more on this. For Interix sshd needs to be patched to not use setuid()/setgid(), but an Interix specific function setuser(). See [2] why it is needed. Unfortunately, setuser() needs the clear-text password of the user to be fully functional (If you use password-less setuser(), then the user doesn't have network
2000 Aug 23
14
Test snapshot
I have just tarred up a snapshot and uploaded it to: http://www.mindrot.org/misc/openssh/openssh-SNAP-20000823.tar.gz The snapshot incorporates the last month's fixes and enhancements from the openssh-unix-dev mailing list and from the OpenBSD developers. In particular: - ssh-agent and ssh-add now handle DSA keys. NB. this does not interop with ssh.com's ssh-agent. (Markus Friedl)
2002 Sep 11
1
tru64 sia: move call of session_setup_sia() to do_setusercontext(), letting grantpty() and friends handle pty perms
Hi- Under privsep, I experimented with moving the session_setup_sia() out of do_child() and into do_setusercontext(), which is where the uids/gids are set to the final execution user. The call is made with a NULL tty, and this is functional provided that any later pty allocation uses grantpty() to set the device permissions. Logging in with this method shows that a utmp entry does get made for
2018 Nov 29
2
Where to implement user limit settings ?
Hello, I'm trying to implement setting of user limits (ulimit) in sshd. I'm not using PAM so I need it in the sshd itself. The task is very simple - just to put one line calling setup_limits(pw); and link with -lshadow. But the problem is, where to put this line. I did it in session.c, in do_child(), like this: #ifdef HAVE_OSF_SIA session_setup_sia(pw, s->ttyfd == -1 ? NULL
2016 May 23
0
Re: [PATCH] umask: Use /proc/<PID>/status to read umask in Linux >= 4.7.
On Mon, May 23, 2016 at 12:12:21PM +0300, Roman Kagan wrote: > On Sat, May 21, 2016 at 01:14:40PM +0100, Richard W.M. Jones wrote: > > + path = safe_asprintf (g, "/proc/%d/status", getpid ()); > > Why not "/proc/self/status"? Hmm indeed why not :-( I will fix it ... Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read
2016 May 21
1
[PATCH] umask: Use /proc/<PID>/status to read umask in Linux >= 4.7.
Since Linux 4.7, the process umask is available in /proc/<pid>/status. See: https://github.com/torvalds/linux/commit/3e42979e65dace1f9268dd5440e5ab096b8dee59 Use this value if available, else fall back to the existing codepath for Linux <= 4.6 and other Unix. --- src/umask.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 78 insertions(+), 8
2004 Aug 23
8
[Bug 918] ssh_gssapi_storecreds called to late to be usable by PAM in sesion.c
http://bugzilla.mindrot.org/show_bug.cgi?id=918 Summary: ssh_gssapi_storecreds called to late to be usable by PAM in sesion.c Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo:
2003 Jan 09
1
[PATCH] Allow multiple accounts on Windows 9x/Me
Hi, the following patch by Pierre A. Humblet <Pierre.Humblet at ieee.org> allows to use more than one uid on 9x/Me boxes which is currently blocked due to the behaviour of Cygwin's security code. After this patch is applied to sshd, we can safely change the affected code in Cygwin. Thanks, Corinna Index: session.c ===================================================================