diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | configure.ac | 17 | ||||
-rw-r--r-- | openbsd-compat/port-solaris.c | 32 | ||||
-rw-r--r-- | openbsd-compat/port-solaris.h | 5 | ||||
-rw-r--r-- | platform.c | 12 | ||||
-rw-r--r-- | platform.h | 5 | ||||
-rw-r--r-- | session.c | 2 |
7 files changed, 71 insertions, 6 deletions
@@ -20,6 +20,10 @@ | |||
20 | [sftp-server.c] | 20 | [sftp-server.c] |
21 | umask should be parsed as octal. reported by candland AT xmission.com; | 21 | umask should be parsed as octal. reported by candland AT xmission.com; |
22 | ok markus@ | 22 | ok markus@ |
23 | - (dtucker) [configure.ac platform.{c,h} session.c | ||
24 | openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support. | ||
25 | Patch from cory.erickson at csu mnscu edu with a bit of rework from me. | ||
26 | ok djm@ | ||
23 | 27 | ||
24 | 20101025 | 28 | 20101025 |
25 | - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with | 29 | - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with |
diff --git a/configure.ac b/configure.ac index 2b57e8e06..39b68c70a 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.455 2010/10/11 11:35:23 djm Exp $ | 1 | # $Id: configure.ac,v 1.456 2010/11/05 01:03:05 dtucker Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -15,7 +15,7 @@ | |||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) | 17 | AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) |
18 | AC_REVISION($Revision: 1.455 $) | 18 | AC_REVISION($Revision: 1.456 $) |
19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
20 | 20 | ||
21 | AC_CONFIG_HEADER(config.h) | 21 | AC_CONFIG_HEADER(config.h) |
@@ -333,6 +333,7 @@ AC_CHECK_HEADERS(sys/mount.h, [], [], [ | |||
333 | # Messages for features tested for in target-specific section | 333 | # Messages for features tested for in target-specific section |
334 | SIA_MSG="no" | 334 | SIA_MSG="no" |
335 | SPC_MSG="no" | 335 | SPC_MSG="no" |
336 | SP_MSG="no" | ||
336 | 337 | ||
337 | # Check for some target-specific stuff | 338 | # Check for some target-specific stuff |
338 | case "$host" in | 339 | case "$host" in |
@@ -704,6 +705,17 @@ mips-sony-bsd|mips-sony-newsos4) | |||
704 | SPC_MSG="yes" ], ) | 705 | SPC_MSG="yes" ], ) |
705 | ], | 706 | ], |
706 | ) | 707 | ) |
708 | AC_ARG_WITH(solaris-projects, | ||
709 | [ --with-solaris-projects Enable Solaris projects (experimental)], | ||
710 | [ | ||
711 | AC_CHECK_LIB(project, setproject, | ||
712 | [ AC_DEFINE(USE_SOLARIS_PROJECTS, 1, | ||
713 | [Define if you have Solaris projects]) | ||
714 | SSHDLIBS="$SSHDLIBS -lproject" | ||
715 | AC_SUBST(SSHDLIBS) | ||
716 | SP_MSG="yes" ], ) | ||
717 | ], | ||
718 | ) | ||
707 | ;; | 719 | ;; |
708 | *-*-sunos4*) | 720 | *-*-sunos4*) |
709 | CPPFLAGS="$CPPFLAGS -DSUNOS4" | 721 | CPPFLAGS="$CPPFLAGS -DSUNOS4" |
@@ -4236,6 +4248,7 @@ echo " TCP Wrappers support: $TCPW_MSG" | |||
4236 | echo " MD5 password support: $MD5_MSG" | 4248 | echo " MD5 password support: $MD5_MSG" |
4237 | echo " libedit support: $LIBEDIT_MSG" | 4249 | echo " libedit support: $LIBEDIT_MSG" |
4238 | echo " Solaris process contract support: $SPC_MSG" | 4250 | echo " Solaris process contract support: $SPC_MSG" |
4251 | echo " Solaris project support: $SP_MSG" | ||
4239 | echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" | 4252 | echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" |
4240 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" | 4253 | echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" |
4241 | echo " BSD Auth support: $BSD_AUTH_MSG" | 4254 | echo " BSD Auth support: $BSD_AUTH_MSG" |
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c index 2ab64d487..25382f1c9 100644 --- a/openbsd-compat/port-solaris.c +++ b/openbsd-compat/port-solaris.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-solaris.c,v 1.3 2006/10/31 23:28:49 dtucker Exp $ */ | 1 | /* $Id: port-solaris.c,v 1.4 2010/11/05 01:03:05 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Chad Mynhier. | 4 | * Copyright (c) 2006 Chad Mynhier. |
@@ -197,3 +197,33 @@ solaris_contract_post_fork_parent(pid_t pid) | |||
197 | close(ctl_fd); | 197 | close(ctl_fd); |
198 | } | 198 | } |
199 | #endif | 199 | #endif |
200 | |||
201 | #ifdef USE_SOLARIS_PROJECTS | ||
202 | #include <sys/task.h> | ||
203 | #include <project.h> | ||
204 | |||
205 | /* | ||
206 | * Get/set solaris default project. | ||
207 | * If we fail, just run along gracefully. | ||
208 | */ | ||
209 | void | ||
210 | solaris_set_default_project(struct passwd *pw) | ||
211 | { | ||
212 | struct project *defaultproject; | ||
213 | struct project tempproject; | ||
214 | char buf[1024]; | ||
215 | |||
216 | /* get default project, if we fail just return gracefully */ | ||
217 | if ((defaultproject = getdefaultproj(pw->pw_name, &tempproject, &buf, | ||
218 | sizeof(buf))) > 0) { | ||
219 | /* set default project */ | ||
220 | if (setproject(defaultproject->pj_name, pw->pw_name, | ||
221 | TASK_NORMAL) != 0) | ||
222 | debug("setproject(%s): %s", defaultproject->pj_name, | ||
223 | strerror(errno)); | ||
224 | } else { | ||
225 | /* debug on getdefaultproj() error */ | ||
226 | debug("getdefaultproj(%s): %s", pw->pw_name, strerror(errno)); | ||
227 | } | ||
228 | } | ||
229 | #endif /* USE_SOLARIS_PROJECTS */ | ||
diff --git a/openbsd-compat/port-solaris.h b/openbsd-compat/port-solaris.h index 4c324871e..cd442e78b 100644 --- a/openbsd-compat/port-solaris.h +++ b/openbsd-compat/port-solaris.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-solaris.h,v 1.1 2006/08/30 17:24:42 djm Exp $ */ | 1 | /* $Id: port-solaris.h,v 1.2 2010/11/05 01:03:05 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Chad Mynhier. | 4 | * Copyright (c) 2006 Chad Mynhier. |
@@ -20,8 +20,11 @@ | |||
20 | 20 | ||
21 | #include <sys/types.h> | 21 | #include <sys/types.h> |
22 | 22 | ||
23 | #include <pwd.h> | ||
24 | |||
23 | void solaris_contract_pre_fork(void); | 25 | void solaris_contract_pre_fork(void); |
24 | void solaris_contract_post_fork_child(void); | 26 | void solaris_contract_post_fork_child(void); |
25 | void solaris_contract_post_fork_parent(pid_t pid); | 27 | void solaris_contract_post_fork_parent(pid_t pid); |
28 | void solaris_set_default_project(struct passwd *); | ||
26 | 29 | ||
27 | #endif | 30 | #endif |
diff --git a/platform.c b/platform.c index e3a428aaa..c894190b2 100644 --- a/platform.c +++ b/platform.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: platform.c,v 1.3 2009/12/20 23:49:22 dtucker Exp $ */ | 1 | /* $Id: platform.c,v 1.4 2010/11/05 01:03:05 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Darren Tucker. All rights reserved. | 4 | * Copyright (c) 2006 Darren Tucker. All rights reserved. |
@@ -57,6 +57,16 @@ platform_post_fork_child(void) | |||
57 | #endif | 57 | #endif |
58 | } | 58 | } |
59 | 59 | ||
60 | void | ||
61 | platform_setusercontext(struct passwd *pw) | ||
62 | { | ||
63 | #ifdef USE_SOLARIS_PROJECTS | ||
64 | /* if solaris projects were detected, set the default now */ | ||
65 | if (getuid() == 0 || geteuid() == 0) | ||
66 | solaris_set_default_project(pw); | ||
67 | #endif | ||
68 | } | ||
69 | |||
60 | char * | 70 | char * |
61 | platform_krb5_get_principal_name(const char *pw_name) | 71 | platform_krb5_get_principal_name(const char *pw_name) |
62 | { | 72 | { |
diff --git a/platform.h b/platform.h index 30a1d2259..f0cdd8037 100644 --- a/platform.h +++ b/platform.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: platform.h,v 1.4 2010/01/14 01:44:16 djm Exp $ */ | 1 | /* $Id: platform.h,v 1.5 2010/11/05 01:03:05 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Darren Tucker. All rights reserved. | 4 | * Copyright (c) 2006 Darren Tucker. All rights reserved. |
@@ -18,10 +18,13 @@ | |||
18 | 18 | ||
19 | #include <sys/types.h> | 19 | #include <sys/types.h> |
20 | 20 | ||
21 | #include <pwd.h> | ||
22 | |||
21 | void platform_pre_listen(void); | 23 | void platform_pre_listen(void); |
22 | void platform_pre_fork(void); | 24 | void platform_pre_fork(void); |
23 | void platform_post_fork_parent(pid_t child_pid); | 25 | void platform_post_fork_parent(pid_t child_pid); |
24 | void platform_post_fork_child(void); | 26 | void platform_post_fork_child(void); |
27 | void platform_setusercontext(struct passwd *); | ||
25 | char *platform_get_krb5_client(const char *); | 28 | char *platform_get_krb5_client(const char *); |
26 | char *platform_krb5_get_principal_name(const char *); | 29 | char *platform_krb5_get_principal_name(const char *); |
27 | 30 | ||
@@ -1469,6 +1469,8 @@ do_setusercontext(struct passwd *pw) | |||
1469 | { | 1469 | { |
1470 | char *chroot_path, *tmp; | 1470 | char *chroot_path, *tmp; |
1471 | 1471 | ||
1472 | platform_setusercontext(pw); | ||
1473 | |||
1472 | #ifdef WITH_SELINUX | 1474 | #ifdef WITH_SELINUX |
1473 | /* Cache selinux status for later use */ | 1475 | /* Cache selinux status for later use */ |
1474 | (void)ssh_selinux_enabled(); | 1476 | (void)ssh_selinux_enabled(); |