3 files changed, 17 insertions, 7 deletions

diff --git a/ChangeLog b/ChangeLog
index 4efc11acd..6d1bb96b7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 20020625
  - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh
  - (stevesk) [README.privsep] minor updates
+ - (djm) Create privsep directory and warn if privsep user is missing 
+   during make install
 
 20020624
  - OpenBSD CVS Sync
@@ -1086,4 +1088,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2266 2002/06/24 16:49:22 stevesk Exp $
+$Id: ChangeLog,v 1.2267 2002/06/25 00:24:47 djm Exp $
diff --git a/Makefile.in b/Makefile.in
index 4b3e27865..7eb8ec268 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.215 2002/06/21 01:38:53 mouring Exp $
+# $Id: Makefile.in,v 1.216 2002/06/25 00:24:47 djm Exp $
 
 # uncomment if you run a non bourne compatable shell. Ie. csh
 #SHELL = @SH@
@@ -26,6 +26,7 @@ SFTP_SERVER=$(libexecdir)/sftp-server
 SSH_KEYSIGN=$(libexecdir)/ssh-keysign
 RAND_HELPER=$(libexecdir)/ssh-rand-helper
 PRIVSEP_PATH=@PRIVSEP_PATH@
+SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
 
 PATHS= -DSSHDIR=\"$(sysconfdir)\" \
         -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
@@ -197,9 +198,13 @@ distprep: catman-do
         $(AUTORECONF)
         (cd scard && $(MAKE) -f Makefile.in distprep)
 
-install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key
+install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key check-user
 install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files
 
+check-user:
+        id $(SSH_PRIVSEP_USER) || \
+                echo "WARNING: Privilege separation user \"$(SSH_PRIVSEP_USER)\" does not exist"
+
 scard-install:
         (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
 
@@ -212,6 +217,8 @@ install-files: scard-install
         $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
         $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
         $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
+        $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)
+        chmod 0700 $(DESTDIR)$(PRIVSEP_PATH)
         $(INSTALL) -m 0755 -s ssh $(DESTDIR)$(bindir)/ssh
         $(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
         $(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
diff --git a/configure.ac b/configure.ac
index 44ff46ab1..d29091e9e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.69 2002/06/24 16:26:49 stevesk Exp $
+# $Id: configure.ac,v 1.70 2002/06/25 00:24:48 djm Exp $
 
 AC_INIT
 AC_CONFIG_SRCDIR([ssh.c])
@@ -906,16 +906,17 @@ AC_ARG_WITH(entropy-timeout,
 )
 AC_DEFINE_UNQUOTED(ENTROPY_TIMEOUT_MSEC, $entropy_timeout)
 
-ssh_privsep_user=sshd
+SSH_PRIVSEP_USER=sshd
 AC_ARG_WITH(privsep-user,
         [  --with-privsep-user=user Specify non-privileged user for privilege separation],
         [
                 if test -n "$withval"; then
-                        ssh_privsep_user=$withval
+                        SSH_PRIVSEP_USER=$withval
                 fi
         ]       
 )
-AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$ssh_privsep_user")
+AC_DEFINE_UNQUOTED(SSH_PRIVSEP_USER, "$SSH_PRIVSEP_USER")
+AC_SUBST(SSH_PRIVSEP_USER)
 
 # We do this little dance with the search path to insure
 # that programs that we select for use by installed programs