- stevesk@cvs.openbsd.org 2002/03/19 03:03:43
authormouring <mouring>
Fri, 22 Mar 2002 02:42:37 +0000 (02:42 +0000)
committermouring <mouring>
Fri, 22 Mar 2002 02:42:37 +0000 (02:42 +0000)
     [pathnames.h servconf.c servconf.h sshd.c]
     _PATH_PRIVSEP_CHROOT_DIR; ok provos@

ChangeLog
pathnames.h
servconf.c
servconf.h
sshd.c

index 80632a9feed2092ac0e66c1018f67bf47ec0a854..4a16418f099334fba7e28e1458bb8799ce6f487a 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -75,6 +75,9 @@
      [servconf.c]
      UnprivUser/UnprivGroup usable now--specify numeric user/group; ok
      provos@
+   - stevesk@cvs.openbsd.org 2002/03/19 03:03:43
+     [pathnames.h servconf.c servconf.h sshd.c]
+     _PATH_PRIVSEP_CHROOT_DIR; ok provos@
 
 20020317
  - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
index 002c313a5d1d767d1602cd0a1e68975ec5498b66..943830c0891cfa3e774d56e4d8716a33df3c4ca5 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pathnames.h,v 1.11 2002/02/09 17:37:34 deraadt Exp $  */
+/*     $OpenBSD: pathnames.h,v 1.12 2002/03/19 03:03:43 stevesk Exp $  */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
 #ifndef _PATH_SFTP_SERVER
 #define _PATH_SFTP_SERVER              "/usr/libexec/sftp-server"
 #endif
+
+/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
+#define _PATH_PRIVSEP_CHROOT_DIR       "/var/empty"
 #ifndef _PATH_LS
 #define _PATH_LS                       "ls"
 #endif
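Review bot: `_PATH_PRIVSEP_CHROOT_DIR` is defined unconditionally, while the `_PATH_SFTP_SERVER` and `_PATH_LS` definitions on either side of it are wrapped in `#ifndef`, so a build that supplies its own value gets a macro redefinition instead of overriding the default. This commit also removes the run-time option for the directory, so wrapping the define as `#ifndef _PATH_PRIVSEP_CHROOT_DIR` … `#endif` keeps a supported way for platforms without /var/empty to pick another directory. The comment above it could also state the requirement that the directory be empty, owned by root and not writable by the unprivileged user. The `@@` header for this part of pathnames.h is not visible on the page, so the context is taken only from the lines shown.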
index 72d75cc9866e7abc8919d56abdfcd1c11099a9de..085854908079d12a37931f35f768bdaed333e28d 100644 (file)
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.103 2002/03/18 23:52:51 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.104 2002/03/19 03:03:43 stevesk Exp $");
 
 #if defined(KRB4) || defined(KRB5)
 #include <krb.h>
@@ -115,7 +115,6 @@ initialize_server_options(ServerOptions *options)
 
        options->unprivileged_user = -1;
        options->unprivileged_group = -1;
-       options->unprivileged_dir = NULL;
 
        /* Needs to be accessable in many places */
        use_privsep = -1;
@@ -252,8 +251,6 @@ fill_default_server_options(ServerOptions *options)
                options->unprivileged_user = 32767;
        if (options->unprivileged_group == -1)
                options->unprivileged_group = 32767;
-       if (options->unprivileged_dir == NULL)
-               options->unprivileged_dir = "/var/empty";
 }
 
 /* Keyword tokens. */
@@ -286,7 +283,7 @@ typedef enum {
        sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
        sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
        sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
-       sUsePrivilegeSeparation, sUnprivUser, sUnprivGroup, sUnprivDir,
+       sUsePrivilegeSeparation, sUnprivUser, sUnprivGroup,
        sDeprecated
 } ServerOpCodes;
 
@@ -365,7 +362,6 @@ static struct {
        { "useprivilegeseparation", sUsePrivilegeSeparation},
        { "unprivuser", sUnprivUser},
        { "unprivgroup", sUnprivGroup},
-       { "unprivdir", sUnprivDir},
        { NULL, sBadOption }
 };
 
@@ -754,10 +750,6 @@ parse_flag:
                intptr = &options->unprivileged_group;
                goto parse_int;
 
-       case sUnprivDir:
-               charptr = &options->unprivileged_dir;
-               goto parse_filename;
-
        case sAllowUsers:
                while ((arg = strdelim(&cp)) && *arg != '\0') {
                        if (options->num_allow_users >= MAX_ALLOW_USERS)
index b5d110a5a69c1f8d5e67b2d7eb647c9107778ffc..06afaa3c8ed1b8264d895dcc3c15a3ea5be7e8ab 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: servconf.h,v 1.55 2002/03/18 17:50:31 provos Exp $    */
+/*     $OpenBSD: servconf.h,v 1.56 2002/03/19 03:03:43 stevesk Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -133,7 +133,6 @@ typedef struct {
 
        int     unprivileged_user;      /* User unprivileged child uses */
        int     unprivileged_group;     /* Group unprivileged child uses */
-       char   *unprivileged_dir;       /* Chroot dir for unprivileged user */
 }       ServerOptions;
 
 void    initialize_server_options(ServerOptions *);
diff --git a/sshd.c b/sshd.c
index c82603d5814f04f956643d3115342805a3270aec..c788ac016c0a450e7288178f2f7a63c911851605 100644 (file)
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.231 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.232 2002/03/19 03:03:43 stevesk Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -533,8 +533,9 @@ privsep_preauth_child(void)
        demote_sensitive_data();
 
        /* Change our root directory*/
-       if (chroot(options.unprivileged_dir) == -1)
-               fatal("chroot(/var/empty)");
+       if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
+               fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
+                   strerror(errno));
        if (chdir("/") == -1)
                fatal("chdir(/)");
                
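Review bot: Nothing visible before the `chroot(_PATH_PRIVSEP_CHROOT_DIR)` call in privsep_preauth_child checks that the target is a root-owned directory that group and other cannot write to, and with the UnprivDir option removed the compiled-in path is the only jail sshd will use. A stat() check that calls fatal() ahead of the chroot, as sketched below, turns a mis-provisioned directory into a clear error instead of a jail the unprivileged child may be able to write into. Whether `<sys/stat.h>` already arrives through includes.h cannot be seen from this hunk. The `fatal("chdir(/)")` that follows should report errno the same way the new chroot message does. The function's body starts and ends outside the hunk.

```c
	struct stat st;		/* with the function's other locals */

	/* ... unchanged: demote_sensitive_data() ... */

	/* Refuse a jail that is missing or that a non-root user could modify */
	if (stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1 ||
	    !S_ISDIR(st.st_mode))
		fatal("Missing privilege separation directory: %s",
		    _PATH_PRIVSEP_CHROOT_DIR);
	if (st.st_uid != 0 || (st.st_mode & (S_IWGRP|S_IWOTH)) != 0)
		fatal("%s must be owned by root and not group or "
		    "world-writable.", _PATH_PRIVSEP_CHROOT_DIR);

	/* ... unchanged: chroot(_PATH_PRIVSEP_CHROOT_DIR) and its fatal() ... */
	if (chdir("/") == -1)
		fatal("chdir(\"/\"): %s", strerror(errno));
```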