- markus@cvs.openbsd.org 2002/05/29 11:21:57

     [sshd.c]
     don't start if privsep is enabled and SSH_PRIVSEP_USER or
     _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@

2 files changed, 19 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 9bc1e3dc4..d20ad9129 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -50,6 +50,10 @@
    - stevesk@cvs.openbsd.org 2002/05/29 03:06:30
      [ssh.1 sshd.8]
      spelling
+   - markus@cvs.openbsd.org 2002/05/29 11:21:57
+     [sshd.c]
+     don't start if privsep is enabled and SSH_PRIVSEP_USER or
+     _PATH_PRIVSEP_CHROOT_DIR are missing; ok deraadt@
 
 20020604
  - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
@@ -734,4 +738,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2159 2002/06/06 20:45:33 mouring Exp $
+$Id: ChangeLog,v 1.2160 2002/06/06 20:46:25 mouring Exp $
diff --git a/sshd.c b/sshd.c
index 437e0f970..2f810b9c1 100644
--- a/sshd.c
+++ b/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.243 2002/05/22 23:18:25 deraadt Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.244 2002/05/29 11:21:57 markus Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -1001,6 +1001,19 @@ main(int ac, char **av)
                 }
         }
 
+        if (use_privsep) {
+                struct passwd *pw;
+                struct stat st;
+
+                if ((pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
+                        fatal("Privilege separation user %s does not exist",
+                            SSH_PRIVSEP_USER);
+                if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) ||
+                    (S_ISDIR(st.st_mode) == 0))
+                        fatal("Missing privilege separation directory: %s",
+                            _PATH_PRIVSEP_CHROOT_DIR);
+        }
+
         /* Configuration looks good, so exit if in test mode. */
         if (test_flag)
                 exit(0);