Allow authenticating as root using gssapi-keyex even with "PermitRootLogin prohibit-password" (closes: #809695).

author: Colin Watson <cjwatson@debian.org> 2016-01-04 13:43:57 +0000
committer: Colin Watson <cjwatson@debian.org> 2016-01-04 13:45:10 +0000
commit: 3782b4ad3e4eae51a99fd3cc4a6e401d117636a2 (patch)
tree: d53f1c0addcfd6df3e63cbdd7a8ca52112b1c9b4 /debian/patches/user-group-modes.patch
parent: f9c35cbf21fa84501c5786923b4d200523977802 (diff)
parent: 1f715c783abc11e805d9fd8af4847c3514fcb296 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 98d37d36c..2e1be8dd3 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
-From aae427a0c7d5702bf294191533ab1f33437a8a56 Mon Sep 17 00:00:00 2001
+From 628e08e8a589dff2178a6725d32c5699f11b2405 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:09:58 +0000
 Subject: Allow harmless group-writability
@@ -52,10 +52,10 @@ index ee9e827..2ff2cff 100644
                            pw->pw_name, buf);
                        auth_debug_add("Bad file modes for %.200s", buf);
 diff --git a/auth.c b/auth.c
-index 214c2c7..25be632 100644
+index bd6a026..782b7f8 100644
 --- a/auth.c
 +++ b/auth.c
-@@ -424,8 +424,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
+@@ -425,8 +425,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
                user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
                if (options.strict_modes &&
                    (stat(user_hostfile, &st) == 0) &&
@@ -65,7 +65,7 @@ index 214c2c7..25be632 100644
                        logit("Authentication refused for %.100s: "
                            "bad owner or modes for %.200s",
                            pw->pw_name, user_hostfile);
-@@ -487,8 +486,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+@@ -488,8 +487,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
                snprintf(err, errlen, "%s is not a regular file", buf);
                return -1;
        }
@@ -75,7 +75,7 @@ index 214c2c7..25be632 100644
                snprintf(err, errlen, "bad ownership or modes for file %s",
                    buf);
                return -1;
-@@ -503,8 +501,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
+@@ -504,8 +502,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
                strlcpy(buf, cp, sizeof(buf));
 
                if (stat(buf, &st) < 0 ||
author	Colin Watson <cjwatson@debian.org>	2016-01-04 13:43:57 +0000
committer	Colin Watson <cjwatson@debian.org>	2016-01-04 13:45:10 +0000
commit	3782b4ad3e4eae51a99fd3cc4a6e401d117636a2 (patch)
tree	d53f1c0addcfd6df3e63cbdd7a8ca52112b1c9b4 /debian/patches/user-group-modes.patch
parent	f9c35cbf21fa84501c5786923b4d200523977802 (diff)
parent	1f715c783abc11e805d9fd8af4847c3514fcb296 (diff)

diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index 98d37d36c..2e1be8dd3 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
1	From aae427a0c7d5702bf294191533ab1f33437a8a56 Mon Sep 17 00:00:00 2001	1	From 628e08e8a589dff2178a6725d32c5699f11b2405 Mon Sep 17 00:00:00 2001
2	From: Colin Watson <cjwatson@debian.org>	2	From: Colin Watson <cjwatson@debian.org>
3	Date: Sun, 9 Feb 2014 16:09:58 +0000	3	Date: Sun, 9 Feb 2014 16:09:58 +0000
4	Subject: Allow harmless group-writability	4	Subject: Allow harmless group-writability
@@ -52,10 +52,10 @@ index ee9e827..2ff2cff 100644
52	pw->pw_name, buf);	52	pw->pw_name, buf);
53	auth_debug_add("Bad file modes for %.200s", buf);	53	auth_debug_add("Bad file modes for %.200s", buf);
54	diff --git a/auth.c b/auth.c	54	diff --git a/auth.c b/auth.c
55	index 214c2c7..25be632 100644	55	index bd6a026..782b7f8 100644
56	--- a/auth.c	56	--- a/auth.c
57	+++ b/auth.c	57	+++ b/auth.c
58	@@ -424,8 +424,7 @@ check_key_in_hostfiles(struct passwd pw, Key key, const char *host,	58	@@ -425,8 +425,7 @@ check_key_in_hostfiles(struct passwd pw, Key key, const char *host,
59	user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);	59	user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
60	if (options.strict_modes &&	60	if (options.strict_modes &&
61	(stat(user_hostfile, &st) == 0) &&	61	(stat(user_hostfile, &st) == 0) &&
@@ -65,7 +65,7 @@ index 214c2c7..25be632 100644
65	logit("Authentication refused for %.100s: "	65	logit("Authentication refused for %.100s: "
66	"bad owner or modes for %.200s",	66	"bad owner or modes for %.200s",
67	pw->pw_name, user_hostfile);	67	pw->pw_name, user_hostfile);
68	@@ -487,8 +486,7 @@ auth_secure_path(const char name, struct stat stp, const char *pw_dir,	68	@@ -488,8 +487,7 @@ auth_secure_path(const char name, struct stat stp, const char *pw_dir,
69	snprintf(err, errlen, "%s is not a regular file", buf);	69	snprintf(err, errlen, "%s is not a regular file", buf);
70	return -1;	70	return -1;
71	}	71	}
@@ -75,7 +75,7 @@ index 214c2c7..25be632 100644
75	snprintf(err, errlen, "bad ownership or modes for file %s",	75	snprintf(err, errlen, "bad ownership or modes for file %s",
76	buf);	76	buf);
77	return -1;	77	return -1;
78	@@ -503,8 +501,7 @@ auth_secure_path(const char name, struct stat stp, const char *pw_dir,	78	@@ -504,8 +502,7 @@ auth_secure_path(const char name, struct stat stp, const char *pw_dir,
79	strlcpy(buf, cp, sizeof(buf));	79	strlcpy(buf, cp, sizeof(buf));
80		80
81	if (stat(buf, &st) < 0 \|\|	81	if (stat(buf, &st) < 0 \|\|