import openssh-4.6p1-gsskex-20070312.patch

author: Colin Watson <cjwatson@debian.org> 2009-12-29 21:38:40 +0000
committer: Colin Watson <cjwatson@debian.org> 2009-12-29 21:38:40 +0000
commit: 1b816ea846aca3ee89e7995373ace609e9518424 (patch)
tree: b41cdc8495cae7fa9c2e0f98a5f2e71656b61f9a /contrib/cygwin/ssh-host-config
parent: fa585019a79ebcb4e0202b1c33f87ff1c5c9ce1c (diff)
parent: 086ea76990b1e6287c24b6db74adffd4605eb3b0 (diff)
1 files changed, 26 insertions, 15 deletions
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index 0540890e6..e2ad69f19 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -153,22 +153,31 @@ fi
 # Create /var/log and /var/log/lastlog if not already existing
-if [ -f ${LOCALSTATEDIR}/log ]
+if [ -e ${LOCALSTATEDIR}/log -a ! -d ${LOCALSTATEDIR}/log ]
 then
-  echo "Creating ${LOCALSTATEDIR}/log failed!"
+  echo
-else
+  echo "${LOCALSTATEDIR}/log is existant but not a directory."
-  if [ ! -d ${LOCALSTATEDIR}/log ]
+  echo "Cannot create ssh host configuration."
-  then
+  echo
-    mkdir -p ${LOCALSTATEDIR}/log
+  exit 1
-  fi
+fi
-  if [ -d ${LOCALSTATEDIR}/log/lastlog ]
+if [ ! -e ${LOCALSTATEDIR}/log ]
-  then
+then
-    chmod 777 ${LOCALSTATEDIR}/log/lastlog
+  mkdir -p ${LOCALSTATEDIR}/log
-  elif [ ! -f ${LOCALSTATEDIR}/log/lastlog ]
+fi
-  then
-    cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
+if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]
-    chmod 666 ${LOCALSTATEDIR}/log/lastlog
+then
-  fi
+  echo 
+  echo "${LOCALSTATEDIR}/log/lastlog exists, but is not a file."
+  echo "Cannot create ssh host configuration."
+  echo 
+  exit 1
+fi
+if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
+then
+  cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
+  chmod 644 ${LOCALSTATEDIR}/log/lastlog
 fi
 # Create /var/empty file used as chroot jail for privilege separation
@@ -507,6 +516,7 @@ then
            fi
            editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server &&
            editrights -a SeCreateTokenPrivilege -u sshd_server &&
+            editrights -a SeTcbPrivilege -u sshd_server &&
            editrights -a SeDenyInteractiveLogonRight -u sshd_server &&
            editrights -a SeDenyNetworkLogonRight -u sshd_server &&
            editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server &&
@@ -578,6 +588,7 @@ then
      fi
      chown "${_user}" ${SYSCONFDIR}/ssh*
      chown "${_user}".544 ${LOCALSTATEDIR}/empty
+      chown "${_user}".544 ${LOCALSTATEDIR}/log/lastlog
      if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
      then
        chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log
author	Colin Watson <cjwatson@debian.org>	2009-12-29 21:38:40 +0000
committer	Colin Watson <cjwatson@debian.org>	2009-12-29 21:38:40 +0000
commit	1b816ea846aca3ee89e7995373ace609e9518424 (patch)
tree	b41cdc8495cae7fa9c2e0f98a5f2e71656b61f9a /contrib/cygwin/ssh-host-config
parent	fa585019a79ebcb4e0202b1c33f87ff1c5c9ce1c (diff)
parent	086ea76990b1e6287c24b6db74adffd4605eb3b0 (diff)

diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 0540890e6..e2ad69f19 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config
@@ -153,22 +153,31 @@ fi
153		153
154	# Create /var/log and /var/log/lastlog if not already existing	154	# Create /var/log and /var/log/lastlog if not already existing
155		155
156	if [ -f ${LOCALSTATEDIR}/log ]	156	if [ -e ${LOCALSTATEDIR}/log -a ! -d ${LOCALSTATEDIR}/log ]
157	then	157	then
158	echo "Creating ${LOCALSTATEDIR}/log failed!"	158	echo
159	else	159	echo "${LOCALSTATEDIR}/log is existant but not a directory."
160	if [ ! -d ${LOCALSTATEDIR}/log ]	160	echo "Cannot create ssh host configuration."
161	then	161	echo
162	mkdir -p ${LOCALSTATEDIR}/log	162	exit 1
163	fi	163	fi
164	if [ -d ${LOCALSTATEDIR}/log/lastlog ]	164	if [ ! -e ${LOCALSTATEDIR}/log ]
165	then	165	then
166	chmod 777 ${LOCALSTATEDIR}/log/lastlog	166	mkdir -p ${LOCALSTATEDIR}/log
167	elif [ ! -f ${LOCALSTATEDIR}/log/lastlog ]	167	fi
168	then	168
169	cat /dev/null > ${LOCALSTATEDIR}/log/lastlog	169	if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]
170	chmod 666 ${LOCALSTATEDIR}/log/lastlog	170	then
171	fi	171	echo
		172	echo "${LOCALSTATEDIR}/log/lastlog exists, but is not a file."
		173	echo "Cannot create ssh host configuration."
		174	echo
		175	exit 1
		176	fi
		177	if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
		178	then
		179	cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
		180	chmod 644 ${LOCALSTATEDIR}/log/lastlog
172	fi	181	fi
173		182
174	# Create /var/empty file used as chroot jail for privilege separation	183	# Create /var/empty file used as chroot jail for privilege separation
@@ -507,6 +516,7 @@ then
507	fi	516	fi
508	editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server &&	517	editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server &&
509	editrights -a SeCreateTokenPrivilege -u sshd_server &&	518	editrights -a SeCreateTokenPrivilege -u sshd_server &&
		519	editrights -a SeTcbPrivilege -u sshd_server &&
510	editrights -a SeDenyInteractiveLogonRight -u sshd_server &&	520	editrights -a SeDenyInteractiveLogonRight -u sshd_server &&
511	editrights -a SeDenyNetworkLogonRight -u sshd_server &&	521	editrights -a SeDenyNetworkLogonRight -u sshd_server &&
512	editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server &&	522	editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server &&
@@ -578,6 +588,7 @@ then
578	fi	588	fi
579	chown "${_user}" ${SYSCONFDIR}/ssh*	589	chown "${_user}" ${SYSCONFDIR}/ssh*
580	chown "${_user}".544 ${LOCALSTATEDIR}/empty	590	chown "${_user}".544 ${LOCALSTATEDIR}/empty
		591	chown "${_user}".544 ${LOCALSTATEDIR}/log/lastlog
581	if [ -f ${LOCALSTATEDIR}/log/sshd.log ]	592	if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
582	then	593	then
583	chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log	594	chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log