- djm@cvs.openbsd.org 2008/02/10 09:55:37
[sshd_config.5]
mantion that "internal-sftp" is useful with ForceCommand too
+ - djm@cvs.openbsd.org 2008/02/10 10:54:29
+ [servconf.c session.c]
+ delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
+ home, rather than the user who starts sshd (probably root)
20080119
- (djm) Silence noice from expr in ssh-copy-id; patch from
-/* $OpenBSD: servconf.c,v 1.176 2008/02/08 23:24:08 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.177 2008/02/10 10:54:28 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
case sChrootDirectory:
charptr = &options->chroot_directory;
- goto parse_filename;
+
+ arg = strdelim(&cp);
+ if (!arg || *arg == '\0')
+ fatal("%s line %d: missing file name.",
+ filename, linenum);
+ if (*activep && *charptr == NULL)
+ *charptr = xstrdup(arg);
+ break;
case sDeprecated:
logit("%s line %d: Deprecated option %s",
-/* $OpenBSD: session.c,v 1.226 2008/02/08 23:24:07 djm Exp $ */
+/* $OpenBSD: session.c,v 1.227 2008/02/10 10:54:29 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
void
do_setusercontext(struct passwd *pw)
{
+ char *chroot_path, *tmp;
+
#ifndef HAVE_CYGWIN
if (getuid() == 0 || geteuid() == 0)
#endif /* HAVE_CYGWIN */
if (options.chroot_directory != NULL &&
strcasecmp(options.chroot_directory, "none") != 0) {
- char *chroot_path;
-
- chroot_path = percent_expand(options.chroot_directory,
- "h", pw->pw_dir, "u", pw->pw_name, (char *)NULL);
+ tmp = tilde_expand_filename(options.chroot_directory,
+ pw->pw_uid);
+ chroot_path = percent_expand(tmp, "h", pw->pw_dir,
+ "u", pw->pw_name, (char *)NULL);
safely_chroot(chroot_path, pw->pw_uid);
+ free(tmp);
free(chroot_path);
}