diff options
| author | Damien Miller <djm@google.com> | 2014-11-05 11:01:31 +1100 |
|---|---|---|
| committer | Damien Miller <djm@google.com> | 2014-11-05 11:01:31 +1100 |
| commit | 0e4cff5f35ed11102fe3783779960ef07e0cd381 (patch) | |
| tree | e3cad7389dcea8036ea8c603df413b02cb6d9a25 /contrib | |
| parent | 7d0ba5336651731949762eb8877ce9e3b52df436 (diff) | |
Prepare scripts for next Cygwin release
Makes the Cygwin-specific ssh-user-config script independent of the
existence of /etc/passwd. The next Cygwin release will allow to
generate passwd and group entries from the Windows account DBs, so the
scripts have to adapt.
from Corinna Vinschen
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/cygwin/ssh-host-config | 6 | ||||
| -rw-r--r-- | contrib/cygwin/ssh-user-config | 27 |
2 files changed, 11 insertions, 22 deletions
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index a7ea3e0d2..301d5eb6e 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | #!/bin/bash | 1 | #!/bin/bash |
| 2 | # | 2 | # |
| 3 | # ssh-host-config, Copyright 2000-2011 Red Hat Inc. | 3 | # ssh-host-config, Copyright 2000-2014 Red Hat Inc. |
| 4 | # | 4 | # |
| 5 | # This file is part of the Cygwin port of OpenSSH. | 5 | # This file is part of the Cygwin port of OpenSSH. |
| 6 | # | 6 | # |
| @@ -353,11 +353,9 @@ check_service_files_ownership() { | |||
| 353 | fi | 353 | fi |
| 354 | if [ -z "${run_service_as}" ] | 354 | if [ -z "${run_service_as}" ] |
| 355 | then | 355 | then |
| 356 | csih_warning "Couldn't determine name of user running sshd service from /etc/passwd!" | 356 | csih_warning "Couldn't determine name of user running sshd service from account database!" |
| 357 | csih_warning "As a result, this script cannot make sure that the files used" | 357 | csih_warning "As a result, this script cannot make sure that the files used" |
| 358 | csih_warning "by the sshd service belong to the user running the service." | 358 | csih_warning "by the sshd service belong to the user running the service." |
| 359 | csih_warning "Please re-run the mkpasswd tool to make sure the /etc/passwd" | ||
| 360 | csih_warning "file is in a good shape." | ||
| 361 | return 1 | 359 | return 1 |
| 362 | fi | 360 | fi |
| 363 | fi | 361 | fi |
diff --git a/contrib/cygwin/ssh-user-config b/contrib/cygwin/ssh-user-config index 8708b7a58..33dc0cbea 100644 --- a/contrib/cygwin/ssh-user-config +++ b/contrib/cygwin/ssh-user-config | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | #!/bin/bash | 1 | #!/bin/bash |
| 2 | # | 2 | # |
| 3 | # ssh-user-config, Copyright 2000-2008 Red Hat Inc. | 3 | # ssh-user-config, Copyright 2000-2014 Red Hat Inc. |
| 4 | # | 4 | # |
| 5 | # This file is part of the Cygwin port of OpenSSH. | 5 | # This file is part of the Cygwin port of OpenSSH. |
| 6 | # | 6 | # |
| @@ -75,19 +75,18 @@ readonly -f create_identity | |||
| 75 | # pwdhome | 75 | # pwdhome |
| 76 | # ====================================================================== | 76 | # ====================================================================== |
| 77 | check_user_homedir() { | 77 | check_user_homedir() { |
| 78 | local uid=$(id -u) | 78 | pwdhome=$(getent passwd $UID | awk -F: '{ print $6; }') |
| 79 | pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd) | ||
| 80 | if [ "X${pwdhome}" = "X" ] | 79 | if [ "X${pwdhome}" = "X" ] |
| 81 | then | 80 | then |
| 82 | csih_error_multi \ | 81 | csih_error_multi \ |
| 83 | "There is no home directory set for you in ${SYSCONFDIR}/passwd." \ | 82 | "There is no home directory set for you in the account database." \ |
| 84 | 'Setting $HOME is not sufficient!' | 83 | 'Setting $HOME is not sufficient!' |
| 85 | fi | 84 | fi |
| 86 | 85 | ||
| 87 | if [ ! -d "${pwdhome}" ] | 86 | if [ ! -d "${pwdhome}" ] |
| 88 | then | 87 | then |
| 89 | csih_error_multi \ | 88 | csih_error_multi \ |
| 90 | "${pwdhome} is set in ${SYSCONFDIR}/passwd as your home directory" \ | 89 | "${pwdhome} is set in the account database as your home directory" \ |
| 91 | 'but it is not a valid directory. Cannot create user identity files.' | 90 | 'but it is not a valid directory. Cannot create user identity files.' |
| 92 | fi | 91 | fi |
| 93 | 92 | ||
| @@ -96,7 +95,7 @@ check_user_homedir() { | |||
| 96 | if [ "X${pwdhome}" = "X/" ] | 95 | if [ "X${pwdhome}" = "X/" ] |
| 97 | then | 96 | then |
| 98 | # But first raise a warning! | 97 | # But first raise a warning! |
| 99 | csih_warning "Your home directory in ${SYSCONFDIR}/passwd is set to root (/). This is not recommended!" | 98 | csih_warning "Your home directory in the account database is set to root (/). This is not recommended!" |
| 100 | if csih_request "Would you like to proceed anyway?" | 99 | if csih_request "Would you like to proceed anyway?" |
| 101 | then | 100 | then |
| 102 | pwdhome='' | 101 | pwdhome='' |
| @@ -106,7 +105,7 @@ check_user_homedir() { | |||
| 106 | fi | 105 | fi |
| 107 | fi | 106 | fi |
| 108 | 107 | ||
| 109 | if [ -d "${pwdhome}" -a csih_is_nt -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ] | 108 | if [ -d "${pwdhome}" -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ] |
| 110 | then | 109 | then |
| 111 | echo | 110 | echo |
| 112 | csih_warning 'group and other have been revoked write permission to your home' | 111 | csih_warning 'group and other have been revoked write permission to your home' |
| @@ -149,9 +148,10 @@ readonly -f check_user_dot_ssh_dir | |||
| 149 | # pwdhome -- check_user_homedir() | 148 | # pwdhome -- check_user_homedir() |
| 150 | # ====================================================================== | 149 | # ====================================================================== |
| 151 | fix_authorized_keys_perms() { | 150 | fix_authorized_keys_perms() { |
| 152 | if [ csih_is_nt -a -e "${pwdhome}/.ssh/authorized_keys" ] | 151 | if [ -e "${pwdhome}/.ssh/authorized_keys" ] |
| 153 | then | 152 | then |
| 154 | if ! setfacl -m "u::rw-,g::---,o::---" "${pwdhome}/.ssh/authorized_keys" | 153 | setfacl -b "${pwdhome}/.ssh/authorized_keys" 2>/dev/null || echo -n |
| 154 | if ! chmod u-x,g-wx,o-wx "${pwdhome}/.ssh/authorized_keys" | ||
| 155 | then | 155 | then |
| 156 | csih_warning "Setting correct permissions to ${pwdhome}/.ssh/authorized_keys" | 156 | csih_warning "Setting correct permissions to ${pwdhome}/.ssh/authorized_keys" |
| 157 | csih_warning "failed. Please care for the correct permissions. The minimum requirement" | 157 | csih_warning "failed. Please care for the correct permissions. The minimum requirement" |
| @@ -243,15 +243,6 @@ done | |||
| 243 | # Action! | 243 | # Action! |
| 244 | # ====================================================================== | 244 | # ====================================================================== |
| 245 | 245 | ||
| 246 | # Check passwd file | ||
| 247 | if [ ! -f ${SYSCONFDIR}/passwd ] | ||
| 248 | then | ||
| 249 | csih_error_multi \ | ||
| 250 | "${SYSCONFDIR}/passwd is nonexistant. Please generate an ${SYSCONFDIR}/passwd file" \ | ||
| 251 | 'first using mkpasswd. Check if it contains an entry for you and' \ | ||
| 252 | 'please care for the home directory in your entry as well.' | ||
| 253 | fi | ||
| 254 | |||
| 255 | check_user_homedir | 246 | check_user_homedir |
| 256 | check_user_dot_ssh_dir | 247 | check_user_dot_ssh_dir |
| 257 | create_identity id_rsa rsa "SSH2 RSA" | 248 | create_identity id_rsa rsa "SSH2 RSA" |