summaryrefslogtreecommitdiff
path: root/contrib/chroot.diff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-03-15 12:13:01 +1100
committerDamien Miller <djm@mindrot.org>2000-03-15 12:13:01 +1100
commit8b1c22b7758511461b359461926e47b093a349d3 (patch)
tree482ba5094683dac130413f7c2d4971e9b2a31761 /contrib/chroot.diff
parentf09b07a971f64cf69f2c45a364c3d56559f7c1c3 (diff)
- Created contrib/ subdirectory. Included helpers from Phil Hands'
Debian package, README file and chroot patch from Ricardo Cerqueira <rmcc@clix.pt> - Moved gnome-ssh-askpass.c to contrib directory and reomved config option. - Slight cleanup to doc files
Diffstat (limited to 'contrib/chroot.diff')
-rw-r--r--contrib/chroot.diff134
1 files changed, 134 insertions, 0 deletions
diff --git a/contrib/chroot.diff b/contrib/chroot.diff
new file mode 100644
index 000000000..850bd8ffc
--- /dev/null
+++ b/contrib/chroot.diff
@@ -0,0 +1,134 @@
1From: Ricardo Cerqueira <rmcc@clix.pt>
2
3A patch to cause sshd to chroot when it encounters the magic token
4'/./' in a users home directory. The directory portion before the
5token is the directory to chroot() to, the portion after the
6token is the user's home directory relative to the new root.
7
8
9
10diff -ruN openssh-1.2.3pre2-orig/acconfig.h openssh-1.2.3pre2/acconfig.h
11--- openssh-1.2.3pre2-orig/acconfig.h Sat Mar 11 20:45:40 2000
12+++ openssh-1.2.3pre2/acconfig.h Wed Mar 15 11:44:33 2000
13@@ -159,6 +159,9 @@
14 /* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */
15 #undef IPV4_IN_IPV6
16
17+/* Define if you want to enable chrooted users */
18+#undef CHROOT
19+
20 @BOTTOM@
21
22 /* ******************* Shouldn't need to edit below this line ************** */
23diff -ruN openssh-1.2.3pre2-orig/config.h.in openssh-1.2.3pre2/config.h.in
24--- openssh-1.2.3pre2-orig/config.h.in Wed Mar 15 11:51:02 2000
25+++ openssh-1.2.3pre2/config.h.in Wed Mar 15 11:46:33 2000
26@@ -140,6 +140,9 @@
27 /* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */
28 #undef IPV4_IN_IPV6
29
30+/* Define if you want to enable chrooted users */
31+#undef CHROOT
32+
33 /* The number of bytes in a char. */
34 #undef SIZEOF_CHAR
35
36diff -ruN openssh-1.2.3pre2-orig/configure openssh-1.2.3pre2/configure
37--- openssh-1.2.3pre2-orig/configure Wed Mar 15 11:51:03 2000
38+++ openssh-1.2.3pre2/configure Wed Mar 15 11:46:34 2000
39@@ -52,6 +52,8 @@
40 ac_help="$ac_help
41 --with-4in6 Check for and convert IPv4 in IPv6 mapped addresses"
42 ac_help="$ac_help
43+ --with-chroot Enable chroot using /./ directory token"
44+ac_help="$ac_help
45 --with-pid-dir=PATH Specify location of ssh.pid file"
46
47 # Initialize some variables set by options.
48@@ -3605,6 +3607,22 @@
49
50 else
51 echo "$ac_t""no (default)" 1>&6
52+ fi
53+
54+
55+fi
56+
57+
58+# Whether to enable the magic chroot token
59+# Check whether --with-chroot or --without-chroot was given.
60+if test "${with_chroot+set}" = set; then
61+ withval="$with_chroot"
62+
63+ if test "x$withval" != "xno" ; then
64+ cat >> confdefs.h <<\EOF
65+#define CHROOT 1
66+EOF
67+
68 fi
69
70
71diff -ruN openssh-1.2.3pre2-orig/configure.in openssh-1.2.3pre2/configure.in
72--- openssh-1.2.3pre2-orig/configure.in Sat Mar 11 20:45:41 2000
73+++ openssh-1.2.3pre2/configure.in Wed Mar 15 11:46:04 2000
74@@ -810,6 +810,16 @@
75 ]
76 )
77
78+# Whether to enable the magic chroot token
79+AC_ARG_WITH(chroot,
80+ [ --with-chroot Enable chroot using /./ directory token],
81+ [
82+ if test "x$withval" != "xno" ; then
83+ AC_DEFINE(CHROOT)
84+ fi
85+ ]
86+)
87+
88 # Where to place sshd.pid
89 piddir=/var/run
90 AC_ARG_WITH(pid-dir,
91diff -ruN openssh-1.2.3pre2-orig/sshd.c openssh-1.2.3pre2/sshd.c
92--- openssh-1.2.3pre2-orig/sshd.c Sat Mar 11 11:58:29 2000
93+++ openssh-1.2.3pre2/sshd.c Wed Mar 15 11:43:38 2000
94@@ -2365,6 +2365,10 @@
95 extern char **environ;
96 struct stat st;
97 char *argv[10];
98+#ifdef CHROOT /* patch by rmcc */
99+ char *user_dir;
100+ char *new_root;
101+#endif /* CHROOT */
102
103 #ifndef USE_PAM /* pam_nologin handles this */
104 /* Check /etc/nologin. */
105@@ -2422,6 +2426,29 @@
106 krb_afslog(0, 0);
107 }
108 #endif /* AFS */
109+
110+#ifdef CHROOT /* patch by rmcc */
111+
112+ user_dir = xstrdup(pw->pw_dir);
113+ new_root = user_dir;
114+
115+ while((new_root = strchr(new_root, '.')) != NULL){
116+ new_root--;
117+ if(strncmp(new_root, "/./", 3) == 0){
118+ *new_root = 0;
119+ new_root += 2;
120+ if(chroot(user_dir) != 0){
121+ printf("Couldn't chroot!\n");
122+ exit(1);
123+ }
124+ pw->pw_dir = new_root;
125+ break;
126+ }
127+ new_root +=2;
128+ }
129+
130+
131+#endif /* CHROOT */
132
133 /* Initialize the environment. */
134 envsize = 100;