diff options
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | README.privsep | 9 |
2 files changed, 5 insertions, 7 deletions
| @@ -29,6 +29,7 @@ | |||
| 29 | - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8 | 29 | - (tim) [Makefile.in] fix test on installing ssh-rand-helper.8 |
| 30 | - (bal) added back in error check for mmap(). I screwed up, Pointed | 30 | - (bal) added back in error check for mmap(). I screwed up, Pointed |
| 31 | out by stevesk@ | 31 | out by stevesk@ |
| 32 | - (tim) [README.privsep] UnixWare tip no longer needed. | ||
| 32 | 33 | ||
| 33 | 20020625 | 34 | 20020625 |
| 34 | - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh | 35 | - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh |
| @@ -1128,4 +1129,4 @@ | |||
| 1128 | - (stevesk) entropy.c: typo in debug message | 1129 | - (stevesk) entropy.c: typo in debug message |
| 1129 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 1130 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
| 1130 | 1131 | ||
| 1131 | $Id: ChangeLog,v 1.2284 2002/06/26 00:22:57 mouring Exp $ | 1132 | $Id: ChangeLog,v 1.2285 2002/06/26 00:25:47 tim Exp $ |
diff --git a/README.privsep b/README.privsep index 12b9cb2fc..dd8069a77 100644 --- a/README.privsep +++ b/README.privsep | |||
| @@ -23,9 +23,6 @@ prepare the privsep preauth environment: | |||
| 23 | # groupadd sshd | 23 | # groupadd sshd |
| 24 | # useradd -g sshd -c 'sshd privsep' -d /var/empty sshd | 24 | # useradd -g sshd -c 'sshd privsep' -d /var/empty sshd |
| 25 | 25 | ||
| 26 | If you are on UnixWare 7 or OpenUNIX 8 do this additional step. | ||
| 27 | # ln /usr/lib/.ns.so /usr/lib/ns.so.1 | ||
| 28 | |||
| 29 | /var/empty should not contain any files. | 26 | /var/empty should not contain any files. |
| 30 | 27 | ||
| 31 | configure supports the following options to change the default | 28 | configure supports the following options to change the default |
| @@ -34,8 +31,8 @@ privsep user and chroot directory: | |||
| 34 | --with-privsep-path=xxx Path for privilege separation chroot | 31 | --with-privsep-path=xxx Path for privilege separation chroot |
| 35 | --with-privsep-user=user Specify non-privileged user for privilege separation | 32 | --with-privsep-user=user Specify non-privileged user for privilege separation |
| 36 | 33 | ||
| 37 | Privsep requires operating system support for file descriptor passing | 34 | Privsep requires operating system support for file descriptor passing. |
| 38 | and mmap(MAP_ANON). | 35 | Compression will be disabled on systems without a working mmap MAP_ANON. |
| 39 | 36 | ||
| 40 | PAM-enabled OpenSSH is known to function with privsep on Linux. | 37 | PAM-enabled OpenSSH is known to function with privsep on Linux. |
| 41 | It does not function on HP-UX with a trusted system | 38 | It does not function on HP-UX with a trusted system |
| @@ -57,4 +54,4 @@ process 1005 is the sshd process listening for new connections. | |||
| 57 | process 6917 is the privileged monitor process, 6919 is the user owned | 54 | process 6917 is the privileged monitor process, 6919 is the user owned |
| 58 | sshd process and 6921 is the shell process. | 55 | sshd process and 6921 is the shell process. |
| 59 | 56 | ||
| 60 | $Id: README.privsep,v 1.8 2002/06/24 16:49:22 stevesk Exp $ | 57 | $Id: README.privsep,v 1.9 2002/06/26 00:25:48 tim Exp $ |