5 files changed, 28 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 859c01ad9..730cdd92c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@
 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
   Improve portability of cipher-speed test, based mostly on a patch from
   Iain Morgan.
+ - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
+   in addition to root as an owner of system directories on AIX and HP-UX.
+   ok djm@
 20130307
 - (dtucker) [INSTALL] Bump documented autoconf version to what we're
diff --git a/auth.c b/auth.c
index 054c7282f..6128fa460 100644
--- a/auth.c
+++ b/auth.c
@@ -448,7 +448,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
                snprintf(err, errlen, "%s is not a regular file", buf);
                return -1;
        }
-        if ((stp->st_uid != 0 && stp->st_uid != uid) ||
+        if ((!platform_sys_dir_uid(stp->st_uid) && stp->st_uid != uid) ||
            (stp->st_mode & 022) != 0) {
                snprintf(err, errlen, "bad ownership or modes for file %s",
                    buf);
@@ -464,7 +464,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
                strlcpy(buf, cp, sizeof(buf));
                if (stat(buf, &st) < 0 ||
-                    (st.st_uid != 0 && st.st_uid != uid) ||
+                    (!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) ||
                    (st.st_mode & 022) != 0) {
                        snprintf(err, errlen,
                            "bad ownership or modes for directory %s", buf);
diff --git a/configure.ac b/configure.ac
index 6005d7c2f..a49de84e1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.513 2013/03/08 01:14:23 djm Exp $
+# $Id: configure.ac,v 1.514 2013/03/12 00:31:05 dtucker Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.513 $)
+AC_REVISION($Revision: 1.514 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
@@ -480,6 +480,7 @@ case "$host" in
        AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1],
            [AIX 5.2 and 5.3 (and presumably newer) require this])
        AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd])
+        AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)])
        ;;
 *-*-cygwin*)
        check_for_libcrypt_later=1
@@ -565,6 +566,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
        AC_DEFINE([LOCKED_PASSWD_STRING], ["*"],
                [String used in /etc/passwd to denote locked account])
        AC_DEFINE([SPT_TYPE], [SPT_PSTAT])
+        AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)])
        maildir="/var/mail"
        LIBS="$LIBS -lsec"
        AC_CHECK_LIB([xnet], [t_error], ,
diff --git a/platform.c b/platform.c
index a455472b3..3262b2478 100644
--- a/platform.c
+++ b/platform.c
@@ -1,4 +1,4 @@
-/* $Id: platform.c,v 1.18 2011/01/11 06:02:25 djm Exp $ */
+/* $Id: platform.c,v 1.19 2013/03/12 00:31:05 dtucker Exp $ */
 /*
 * Copyright (c) 2006 Darren Tucker.  All rights reserved.
@@ -194,3 +194,19 @@ platform_krb5_get_principal_name(const char *pw_name)
        return NULL;
 #endif
 }
+/*
+ * return 1 if the specified uid is a uid that may own a system directory
+ * otherwise 0.
+ */
+int
+platform_sys_dir_uid(uid_t uid)
+{
+        if (uid == 0)
+                return 1;
+#ifdef PLATFORM_SYS_DIR_UID
+        if (uid == PLATFORM_SYS_DIR_UID)
+                return 1;
+#endif
+        return 0;
+}
diff --git a/platform.h b/platform.h
index 944d2c340..19f6bfdd3 100644
--- a/platform.h
+++ b/platform.h
@@ -1,4 +1,4 @@
-/* $Id: platform.h,v 1.7 2010/11/05 03:47:01 dtucker Exp $ */
+/* $Id: platform.h,v 1.8 2013/03/12 00:31:05 dtucker Exp $ */
 /*
 * Copyright (c) 2006 Darren Tucker.  All rights reserved.
@@ -29,5 +29,4 @@ void platform_setusercontext(struct passwd *);
 void platform_setusercontext_post_groups(struct passwd *);
 char *platform_get_krb5_client(const char *);
 char *platform_krb5_get_principal_name(const char *);
+int platform_sys_dir_uid(uid_t);

diff --git a/ChangeLog b/ChangeLog index 859c01ad9..730cdd92c 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -2,6 +2,9 @@
2	- (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]	2	- (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh]
3	Improve portability of cipher-speed test, based mostly on a patch from	3	Improve portability of cipher-speed test, based mostly on a patch from
4	Iain Morgan.	4	Iain Morgan.
		5	- (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")
		6	in addition to root as an owner of system directories on AIX and HP-UX.
		7	ok djm@
5		8
6	20130307	9	20130307
7	- (dtucker) [INSTALL] Bump documented autoconf version to what we're	10	- (dtucker) [INSTALL] Bump documented autoconf version to what we're


diff --git a/auth.c b/auth.c index 054c7282f..6128fa460 100644 --- a/auth.c +++ b/auth.c
@@ -448,7 +448,7 @@ auth_secure_path(const char name, struct stat stp, const char *pw_dir,
448	snprintf(err, errlen, "%s is not a regular file", buf);	448	snprintf(err, errlen, "%s is not a regular file", buf);
449	return -1;	449	return -1;
450	}	450	}
451	if ((stp->st_uid != 0 && stp->st_uid != uid) \|\|	451	if ((!platform_sys_dir_uid(stp->st_uid) && stp->st_uid != uid) \|\|
452	(stp->st_mode & 022) != 0) {	452	(stp->st_mode & 022) != 0) {
453	snprintf(err, errlen, "bad ownership or modes for file %s",	453	snprintf(err, errlen, "bad ownership or modes for file %s",
454	buf);	454	buf);
@@ -464,7 +464,7 @@ auth_secure_path(const char name, struct stat stp, const char *pw_dir,
464	strlcpy(buf, cp, sizeof(buf));	464	strlcpy(buf, cp, sizeof(buf));
465		465
466	if (stat(buf, &st) < 0 \|\|	466	if (stat(buf, &st) < 0 \|\|
467	(st.st_uid != 0 && st.st_uid != uid) \|\|	467	(!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) \|\|
468	(st.st_mode & 022) != 0) {	468	(st.st_mode & 022) != 0) {
469	snprintf(err, errlen,	469	snprintf(err, errlen,
470	"bad ownership or modes for directory %s", buf);	470	"bad ownership or modes for directory %s", buf);


diff --git a/configure.ac b/configure.ac index 6005d7c2f..a49de84e1 100644 --- a/configure.ac +++ b/configure.ac
@@ -1,4 +1,4 @@
1	# $Id: configure.ac,v 1.513 2013/03/08 01:14:23 djm Exp $	1	# $Id: configure.ac,v 1.514 2013/03/12 00:31:05 dtucker Exp $
2	#	2	#
3	# Copyright (c) 1999-2004 Damien Miller	3	# Copyright (c) 1999-2004 Damien Miller
4	#	4	#
@@ -15,7 +15,7 @@
15	# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.	15	# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16		16
17	AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])	17	AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
18	AC_REVISION($Revision: 1.513 $)	18	AC_REVISION($Revision: 1.514 $)
19	AC_CONFIG_SRCDIR([ssh.c])	19	AC_CONFIG_SRCDIR([ssh.c])
20	AC_LANG([C])	20	AC_LANG([C])
21		21
@@ -480,6 +480,7 @@ case "$host" in
480	AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1],	480	AC_DEFINE([SSHPAM_CHAUTHTOK_NEEDS_RUID], [1],
481	[AIX 5.2 and 5.3 (and presumably newer) require this])	481	[AIX 5.2 and 5.3 (and presumably newer) require this])
482	AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd])	482	AC_DEFINE([PTY_ZEROREAD], [1], [read(1) can return 0 for a non-closed fd])
		483	AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)])
483	;;	484	;;
484	--cygwin*)	485	--cygwin*)
485	check_for_libcrypt_later=1	486	check_for_libcrypt_later=1
@@ -565,6 +566,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
565	AC_DEFINE([LOCKED_PASSWD_STRING], ["*"],	566	AC_DEFINE([LOCKED_PASSWD_STRING], ["*"],
566	[String used in /etc/passwd to denote locked account])	567	[String used in /etc/passwd to denote locked account])
567	AC_DEFINE([SPT_TYPE], [SPT_PSTAT])	568	AC_DEFINE([SPT_TYPE], [SPT_PSTAT])
		569	AC_DEFINE([PLATFORM_SYS_DIR_UID], 2, [System dirs owned by bin (uid 2)])
568	maildir="/var/mail"	570	maildir="/var/mail"
569	LIBS="$LIBS -lsec"	571	LIBS="$LIBS -lsec"
570	AC_CHECK_LIB([xnet], [t_error], ,	572	AC_CHECK_LIB([xnet], [t_error], ,


diff --git a/platform.c b/platform.c index a455472b3..3262b2478 100644 --- a/platform.c +++ b/platform.c
@@ -1,4 +1,4 @@
1	/* $Id: platform.c,v 1.18 2011/01/11 06:02:25 djm Exp $ */	1	/* $Id: platform.c,v 1.19 2013/03/12 00:31:05 dtucker Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2006 Darren Tucker. All rights reserved.	4	* Copyright (c) 2006 Darren Tucker. All rights reserved.
@@ -194,3 +194,19 @@ platform_krb5_get_principal_name(const char *pw_name)
194	return NULL;	194	return NULL;
195	#endif	195	#endif
196	}	196	}
		197
		198	/*
		199	* return 1 if the specified uid is a uid that may own a system directory
		200	* otherwise 0.
		201	*/
		202	int
		203	platform_sys_dir_uid(uid_t uid)
		204	{
		205	if (uid == 0)
		206	return 1;
		207	#ifdef PLATFORM_SYS_DIR_UID
		208	if (uid == PLATFORM_SYS_DIR_UID)
		209	return 1;
		210	#endif
		211	return 0;
		212	}


diff --git a/platform.h b/platform.h index 944d2c340..19f6bfdd3 100644 --- a/platform.h +++ b/platform.h
@@ -1,4 +1,4 @@
1	/* $Id: platform.h,v 1.7 2010/11/05 03:47:01 dtucker Exp $ */	1	/* $Id: platform.h,v 1.8 2013/03/12 00:31:05 dtucker Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 2006 Darren Tucker. All rights reserved.	4	* Copyright (c) 2006 Darren Tucker. All rights reserved.
@@ -29,5 +29,4 @@ void platform_setusercontext(struct passwd *);
29	void platform_setusercontext_post_groups(struct passwd *);	29	void platform_setusercontext_post_groups(struct passwd *);
30	char platform_get_krb5_client(const char );	30	char platform_get_krb5_client(const char );
31	char platform_krb5_get_principal_name(const char );	31	char platform_krb5_get_principal_name(const char );
32		32	int platform_sys_dir_uid(uid_t);
33