summaryrefslogtreecommitdiff
path: root/README.privsep
diff options
context:
space:
mode:
authorTim Rice <tim@multitalents.net>2002-06-25 17:25:47 -0700
committerTim Rice <tim@multitalents.net>2002-06-25 17:25:47 -0700
commite04ee923d950f76132fa137f5e33ff42b94126be (patch)
tree03ebde937f6c3d7954c1f86f8bc1851a5db8a62a /README.privsep
parenta95fd3f8ad53d2ac2fb26558e033bd5180131c77 (diff)
UnixWare tip is no longer needed.
Diffstat (limited to 'README.privsep')
-rw-r--r--README.privsep9
1 files changed, 3 insertions, 6 deletions
diff --git a/README.privsep b/README.privsep
index 12b9cb2fc..dd8069a77 100644
--- a/README.privsep
+++ b/README.privsep
@@ -23,9 +23,6 @@ prepare the privsep preauth environment:
23 # groupadd sshd 23 # groupadd sshd
24 # useradd -g sshd -c 'sshd privsep' -d /var/empty sshd 24 # useradd -g sshd -c 'sshd privsep' -d /var/empty sshd
25 25
26If you are on UnixWare 7 or OpenUNIX 8 do this additional step.
27 # ln /usr/lib/.ns.so /usr/lib/ns.so.1
28
29/var/empty should not contain any files. 26/var/empty should not contain any files.
30 27
31configure supports the following options to change the default 28configure supports the following options to change the default
@@ -34,8 +31,8 @@ privsep user and chroot directory:
34 --with-privsep-path=xxx Path for privilege separation chroot 31 --with-privsep-path=xxx Path for privilege separation chroot
35 --with-privsep-user=user Specify non-privileged user for privilege separation 32 --with-privsep-user=user Specify non-privileged user for privilege separation
36 33
37Privsep requires operating system support for file descriptor passing 34Privsep requires operating system support for file descriptor passing.
38and mmap(MAP_ANON). 35Compression will be disabled on systems without a working mmap MAP_ANON.
39 36
40PAM-enabled OpenSSH is known to function with privsep on Linux. 37PAM-enabled OpenSSH is known to function with privsep on Linux.
41It does not function on HP-UX with a trusted system 38It does not function on HP-UX with a trusted system
@@ -57,4 +54,4 @@ process 1005 is the sshd process listening for new connections.
57process 6917 is the privileged monitor process, 6919 is the user owned 54process 6917 is the privileged monitor process, 6919 is the user owned
58sshd process and 6921 is the shell process. 55sshd process and 6921 is the shell process.
59 56
60$Id: README.privsep,v 1.8 2002/06/24 16:49:22 stevesk Exp $ 57$Id: README.privsep,v 1.9 2002/06/26 00:25:48 tim Exp $