[gssapi-openssh.git] / openssh / pathnames.h

/*	$OpenBSD: pathnames.h,v 1.12 2002/03/19 03:03:43 stevesk Exp $	*/

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

/*
 * Some of these pathnames are generated at run-time to meet GPT binary
 * relocatability requirements.  They are initialized by init_pathnames()
 * in pathnames.c.
 */
void init_pathnames();

#ifndef _PATH_SSH_PIDDIR
#define _PATH_SSH_PIDDIR		"/var/run"
#endif

/*
 * System-wide file containing host keys of known hosts.  This file should be
 * world-readable.
 */
extern char *_PATH_SSH_SYSTEM_HOSTFILE;
/* backward compat for protocol 2 */
extern char *_PATH_SSH_SYSTEM_HOSTFILE2;

/*
 * Of these, ssh_host_key must be readable only by root, whereas ssh_config
 * should be world-readable.
 */
extern char *_PATH_SERVER_CONFIG_FILE;
extern char *_PATH_HOST_CONFIG_FILE;
extern char *_PATH_HOST_KEY_FILE;
extern char *_PATH_HOST_DSA_KEY_FILE;
extern char *_PATH_HOST_RSA_KEY_FILE;
extern char *_PATH_DH_MODULI;
/* Backwards compatibility */
extern char *_PATH_DH_PRIMES;

extern char *_PATH_SSH_PROGRAM;

/*
 * The process id of the daemon listening for connections is saved here to
 * make it easier to kill the correct daemon when necessary.
 */
#define _PATH_SSH_DAEMON_PID_FILE	_PATH_SSH_PIDDIR "/sshd.pid"

/*
 * The directory in user\'s home directory in which the files reside. The
 * directory should be world-readable (though not all files are).
 */
#define _PATH_SSH_USER_DIR		".ssh"

/*
 * Per-user file containing host keys of known hosts.  This file need not be
 * readable by anyone except the user him/herself, though this does not
 * contain anything particularly secret.
 */
#define _PATH_SSH_USER_HOSTFILE		"~/.ssh/known_hosts"
/* backward compat for protocol 2 */
#define _PATH_SSH_USER_HOSTFILE2	"~/.ssh/known_hosts2"

/*
 * Name of the default file containing client-side authentication key. This
 * file should only be readable by the user him/herself.
 */
#define _PATH_SSH_CLIENT_IDENTITY	".ssh/identity"
#define _PATH_SSH_CLIENT_ID_DSA		".ssh/id_dsa"
#define _PATH_SSH_CLIENT_ID_RSA		".ssh/id_rsa"

/*
 * Configuration file in user\'s home directory.  This file need not be
 * readable by anyone but the user him/herself, but does not contain anything
 * particularly secret.  If the user\'s home directory resides on an NFS
 * volume where root is mapped to nobody, this may need to be world-readable.
 */
#define _PATH_SSH_USER_CONFFILE		".ssh/config"

/*
 * File containing a list of those rsa keys that permit logging in as this
 * user.  This file need not be readable by anyone but the user him/herself,
 * but does not contain anything particularly secret.  If the user\'s home
 * directory resides on an NFS volume where root is mapped to nobody, this
 * may need to be world-readable.  (This file is read by the daemon which is
 * running as root.)
 */
#define _PATH_SSH_USER_PERMITTED_KEYS	".ssh/authorized_keys"

/* backward compat for protocol v2 */
#define _PATH_SSH_USER_PERMITTED_KEYS2	".ssh/authorized_keys2"

/*
 * Per-user and system-wide ssh "rc" files.  These files are executed with
 * /bin/sh before starting the shell or command if they exist.  They will be
 * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
 * use.  xauth will be run if neither of these exists.
 */
#define _PATH_SSH_USER_RC		".ssh/rc"
extern char *_PATH_SSH_SYSTEM_RC;

/*
 * Ssh-only version of /etc/hosts.equiv.  Additionally, the daemon may use
 * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
 */
extern char *_PATH_SSH_HOSTS_EQUIV;
#define _PATH_RHOSTS_EQUIV		"/etc/hosts.equiv"

/*
 * Default location of askpass
 */
#ifndef _PATH_SSH_ASKPASS_DEFAULT
#define _PATH_SSH_ASKPASS_DEFAULT	"/usr/X11R6/bin/ssh-askpass"
#endif

/* xauth for X11 forwarding */
#ifndef _PATH_XAUTH
#define _PATH_XAUTH			"/usr/X11R6/bin/xauth"
#endif

/* UNIX domain socket for X11 server; displaynum will replace %u */
#ifndef _PATH_UNIX_X
#define _PATH_UNIX_X "/tmp/.X11-unix/X%u"
#endif

/* for scp */
#ifndef _PATH_CP
#define _PATH_CP			"cp"
#endif

/* for sftp */
extern char *_PATH_SFTP_SERVER;

/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
#ifndef _PATH_PRIVSEP_CHROOT_DIR
#define _PATH_PRIVSEP_CHROOT_DIR	"/var/empty"
#endif

/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
#ifndef _PATH_PRIVSEP_CHROOT_DIR
#define _PATH_PRIVSEP_CHROOT_DIR	"/var/empty"
#endif

#ifndef _PATH_LS
#define _PATH_LS			"ls"
#endif

/* path to login program */
#ifndef LOGIN_PROGRAM
# ifdef LOGIN_PROGRAM_FALLBACK
#  define LOGIN_PROGRAM         LOGIN_PROGRAM_FALLBACK
# else
#  define LOGIN_PROGRAM         "/usr/bin/login"
# endif
#endif /* LOGIN_PROGRAM */

/* Askpass program define */
#ifndef ASKPASS_PROGRAM
#define ASKPASS_PROGRAM         "/usr/lib/ssh/ssh-askpass"
#endif /* ASKPASS_PROGRAM */

/* Path to rand helper */
extern char *SSH_RAND_HELPER;

/* Default user path that includes location of scp. */
extern char *_PATH_STDPATH_WITH_SCP;
Commit	Line	Data
2980ea68	1	/* $OpenBSD: pathnames.h,v 1.12 2002/03/19 03:03:43 stevesk Exp $ */
3c0ef626	2
	3	/*
	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	5	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	6	* All rights reserved
	7	*
	8	* As far as I am concerned, the code I have written for this software
	9	* can be used freely for any purpose. Any derived versions of this
	10	* software must be clearly marked as such, and if the derived work is
	11	* incompatible with the protocol description in the RFC file, it must be
	12	* called by a name other than "ssh" or "Secure Shell".
	13	*/
	14
ae43c103	15	/*
	16	* Some of these pathnames are generated at run-time to meet GPT binary
	17	* relocatability requirements. They are initialized by init_pathnames()
	18	* in pathnames.c.
	19	*/
	20	void init_pathnames();
3c0ef626	21
	22	#ifndef _PATH_SSH_PIDDIR
	23	#define _PATH_SSH_PIDDIR "/var/run"
	24	#endif
	25
	26	/*
	27	* System-wide file containing host keys of known hosts. This file should be
	28	* world-readable.
	29	*/
ae43c103	30	extern char *_PATH_SSH_SYSTEM_HOSTFILE;
3c0ef626	31	/* backward compat for protocol 2 */
ae43c103	32	extern char *_PATH_SSH_SYSTEM_HOSTFILE2;
3c0ef626	33
	34	/*
	35	* Of these, ssh_host_key must be readable only by root, whereas ssh_config
	36	* should be world-readable.
	37	*/
ae43c103	38	extern char *_PATH_SERVER_CONFIG_FILE;
	39	extern char *_PATH_HOST_CONFIG_FILE;
	40	extern char *_PATH_HOST_KEY_FILE;
	41	extern char *_PATH_HOST_DSA_KEY_FILE;
	42	extern char *_PATH_HOST_RSA_KEY_FILE;
	43	extern char *_PATH_DH_MODULI;
3c0ef626	44	/* Backwards compatibility */
ae43c103	45	extern char *_PATH_DH_PRIMES;
3c0ef626	46
ae43c103	47	extern char *_PATH_SSH_PROGRAM;
3c0ef626	48
	49	/*
	50	* The process id of the daemon listening for connections is saved here to
	51	* make it easier to kill the correct daemon when necessary.
	52	*/
	53	#define _PATH_SSH_DAEMON_PID_FILE _PATH_SSH_PIDDIR "/sshd.pid"
	54
	55	/*
	56	* The directory in user\'s home directory in which the files reside. The
	57	* directory should be world-readable (though not all files are).
	58	*/
	59	#define _PATH_SSH_USER_DIR ".ssh"
	60
	61	/*
	62	* Per-user file containing host keys of known hosts. This file need not be
	63	* readable by anyone except the user him/herself, though this does not
	64	* contain anything particularly secret.
	65	*/
	66	#define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts"
	67	/* backward compat for protocol 2 */
	68	#define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2"
	69
	70	/*
	71	* Name of the default file containing client-side authentication key. This
	72	* file should only be readable by the user him/herself.
	73	*/
	74	#define _PATH_SSH_CLIENT_IDENTITY ".ssh/identity"
	75	#define _PATH_SSH_CLIENT_ID_DSA ".ssh/id_dsa"
	76	#define _PATH_SSH_CLIENT_ID_RSA ".ssh/id_rsa"
	77
	78	/*
	79	* Configuration file in user\'s home directory. This file need not be
	80	* readable by anyone but the user him/herself, but does not contain anything
	81	* particularly secret. If the user\'s home directory resides on an NFS
	82	* volume where root is mapped to nobody, this may need to be world-readable.
	83	*/
	84	#define _PATH_SSH_USER_CONFFILE ".ssh/config"
	85
	86	/*
	87	* File containing a list of those rsa keys that permit logging in as this
	88	* user. This file need not be readable by anyone but the user him/herself,
	89	* but does not contain anything particularly secret. If the user\'s home
	90	* directory resides on an NFS volume where root is mapped to nobody, this
	91	* may need to be world-readable. (This file is read by the daemon which is
	92	* running as root.)
	93	*/
	94	#define _PATH_SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys"
	95
	96	/* backward compat for protocol v2 */
	97	#define _PATH_SSH_USER_PERMITTED_KEYS2 ".ssh/authorized_keys2"
	98
	99	/*
	100	* Per-user and system-wide ssh "rc" files. These files are executed with
	101	* /bin/sh before starting the shell or command if they exist. They will be
	102	* passed "proto cookie" as arguments if X11 forwarding with spoofing is in
	103	* use. xauth will be run if neither of these exists.
	104	*/
	105	#define _PATH_SSH_USER_RC ".ssh/rc"
ae43c103	106	extern char *_PATH_SSH_SYSTEM_RC;
3c0ef626	107
	108	/*
	109	* Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use
	110	* ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
	111	*/
ae43c103	112	extern char *_PATH_SSH_HOSTS_EQUIV;
3c0ef626	113	#define _PATH_RHOSTS_EQUIV "/etc/hosts.equiv"
	114
	115	/*
	116	* Default location of askpass
	117	*/
	118	#ifndef _PATH_SSH_ASKPASS_DEFAULT
	119	#define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass"
	120	#endif
	121
	122	/* xauth for X11 forwarding */
	123	#ifndef _PATH_XAUTH
	124	#define _PATH_XAUTH "/usr/X11R6/bin/xauth"
	125	#endif
	126
e9a17296	127	/* UNIX domain socket for X11 server; displaynum will replace %u */
	128	#ifndef _PATH_UNIX_X
	129	#define _PATH_UNIX_X "/tmp/.X11-unix/X%u"
	130	#endif
	131
3c0ef626	132	/* for scp */
	133	#ifndef _PATH_CP
	134	#define _PATH_CP "cp"
	135	#endif
	136
	137	/* for sftp */
ae43c103	138	extern char *_PATH_SFTP_SERVER;
ae43c103	139
2980ea68	140	/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
	141	#ifndef _PATH_PRIVSEP_CHROOT_DIR
	142	#define _PATH_PRIVSEP_CHROOT_DIR "/var/empty"
	143	#endif
	144
078f71c2	145	/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
	146	#ifndef _PATH_PRIVSEP_CHROOT_DIR
	147	#define _PATH_PRIVSEP_CHROOT_DIR "/var/empty"
	148	#endif
	149
3c0ef626	150	#ifndef _PATH_LS
	151	#define _PATH_LS "ls"
	152	#endif
	153
	154	/* path to login program */
	155	#ifndef LOGIN_PROGRAM
	156	# ifdef LOGIN_PROGRAM_FALLBACK
	157	# define LOGIN_PROGRAM LOGIN_PROGRAM_FALLBACK
	158	# else
	159	# define LOGIN_PROGRAM "/usr/bin/login"
	160	# endif
	161	#endif /* LOGIN_PROGRAM */
	162
	163	/* Askpass program define */
	164	#ifndef ASKPASS_PROGRAM
	165	#define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass"
	166	#endif /* ASKPASS_PROGRAM */
7c05f953	167
	168	/* Path to rand helper */
	169	extern char *SSH_RAND_HELPER;
e4e8cd53	170
	171	/* Default user path that includes location of scp. */
	172	extern char *_PATH_STDPATH_WITH_SCP;