1 files changed, 109 insertions, 109 deletions
diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config
index ec03f163d..57e728fbc 100644
--- a/contrib/cygwin/ssh-host-config
+++ b/contrib/cygwin/ssh-host-config
@@ -37,13 +37,13 @@ create_host_keys() {
    csih_inform "Generating ${SYSCONFDIR}/ssh_host_key"
    ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null
  fi
-  
  if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]
  then
    csih_inform "Generating ${SYSCONFDIR}/ssh_host_rsa_key"
    ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null
  fi
-  
  if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
  then
    csih_inform "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
@@ -75,12 +75,12 @@ update_services_file() {
    _spaces="                  # "
  fi
  _serv_tmp="${_my_etcdir}/srv.out.$$"
-  
  mount -o text -f "${_win_etcdir}" "${_my_etcdir}"
-  
  # Depends on the above mount
  _wservices=`cygpath -w "${_services}"`
-  
  # Remove sshd 22/port from services
  if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ]
  then
@@ -89,16 +89,16 @@ update_services_file() {
    then
      if mv "${_serv_tmp}" "${_services}"
      then
-        csih_inform "Removing sshd from ${_wservices}"
+        csih_inform "Removing sshd from ${_wservices}"
      else
-        csih_warning "Removing sshd from ${_wservices} failed!"
+        csih_warning "Removing sshd from ${_wservices} failed!"
      fi
      rm -f "${_serv_tmp}"
    else
      csih_warning "Removing sshd from ${_wservices} failed!"
    fi
  fi
-  
  # Add ssh 22/tcp  and ssh 22/udp to services
  if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
  then
@@ -106,9 +106,9 @@ update_services_file() {
    then
      if mv "${_serv_tmp}" "${_services}"
      then
-        csih_inform "Added ssh to ${_wservices}"
+        csih_inform "Added ssh to ${_wservices}"
      else
-        csih_warning "Adding ssh to ${_wservices} failed!"
+        csih_warning "Adding ssh to ${_wservices} failed!"
      fi
      rm -f "${_serv_tmp}"
    else
@@ -134,16 +134,16 @@ sshd_privsep() {
      csih_inform "For more info on privilege separation read /usr/share/doc/openssh/README.privsep."
      if csih_request "Should privilege separation be used?"
      then
-        privsep_used=yes
+        privsep_used=yes
-        if ! csih_create_unprivileged_user sshd
+        if ! csih_create_unprivileged_user sshd
-        then
+        then
          csih_warning "Couldn't create user 'sshd'!"
-          csih_warning "Privilege separation set to 'no' again!"
+          csih_warning "Privilege separation set to 'no' again!"
-          csih_warning "Check your ${SYSCONFDIR}/sshd_config file!"
+          csih_warning "Check your ${SYSCONFDIR}/sshd_config file!"
          privsep_used=no
-        fi
+        fi
      else
-        privsep_used=no
+        privsep_used=no
      fi
    else
      # On 9x don't use privilege separation.  Since security isn't
@@ -151,7 +151,7 @@ sshd_privsep() {
      privsep_used=no
    fi
  fi
-  
  # Create default sshd_config from skeleton files in /etc/defaults/etc or
  # modify to add the missing privsep configuration option
  if cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1
@@ -161,8 +161,8 @@ sshd_privsep() {
    sed -e "s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation ${privsep_used}/
          s/^#Port 22/Port ${port_number}/
          s/^#StrictModes yes/StrictModes no/" \
-        < ${SYSCONFDIR}/sshd_config \
+        < ${SYSCONFDIR}/sshd_config \
-        > "${sshdconfig_tmp}"
+        > "${sshdconfig_tmp}"
    mv "${sshdconfig_tmp}" ${SYSCONFDIR}/sshd_config
  elif [ "${privsep_configured}" != "yes" ]
  then
@@ -193,19 +193,19 @@ update_inetd_conf() {
      # will be replaced by a file in inetd.d/
      if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -eq 0 ]
      then
-        grep -v '^[# \t]*ssh' "${_inetcnf}" >> "${_inetcnf_tmp}"
+        grep -v '^[# \t]*ssh' "${_inetcnf}" >> "${_inetcnf_tmp}"
-        if [ -f "${_inetcnf_tmp}" ]
+        if [ -f "${_inetcnf_tmp}" ]
-        then
+        then
-          if mv "${_inetcnf_tmp}" "${_inetcnf}"
+          if mv "${_inetcnf_tmp}" "${_inetcnf}"
-          then
+          then
            csih_inform "Removed ssh[d] from ${_inetcnf}"
-          else
+          else
            csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
-          fi
+          fi
-          rm -f "${_inetcnf_tmp}"
+          rm -f "${_inetcnf_tmp}"
-        else
+        else
-          csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
+          csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
-        fi
+        fi
      fi
    fi
@@ -214,13 +214,13 @@ update_inetd_conf() {
    then
      if [ "${_with_comment}" -eq 0 ]
      then
-        sed -e 's/@COMMENT@[ \t]*//' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
+        sed -e 's/@COMMENT@[ \t]*//' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
      else
-        sed -e 's/@COMMENT@[ \t]*/# /' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
+        sed -e 's/@COMMENT@[ \t]*/# /' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
      fi
      mv "${_sshd_inetd_conf_tmp}" "${_sshd_inetd_conf}"
      csih_inform "Updated ${_sshd_inetd_conf}"
-    fi 
+    fi
  elif [ -f "${_inetcnf}" ]
  then
@@ -233,26 +233,26 @@ update_inetd_conf() {
      grep -v '^[# \t]*sshd' "${_inetcnf}" >> "${_inetcnf_tmp}"
      if [ -f "${_inetcnf_tmp}" ]
      then
-        if mv "${_inetcnf_tmp}" "${_inetcnf}"
+        if mv "${_inetcnf_tmp}" "${_inetcnf}"
-        then
+        then
            csih_inform "Removed sshd from ${_inetcnf}"
-        else
+        else
            csih_warning "Removing sshd from ${_inetcnf} failed!"
-        fi
+        fi
-        rm -f "${_inetcnf_tmp}"
+        rm -f "${_inetcnf_tmp}"
      else
-        csih_warning "Removing sshd from ${_inetcnf} failed!"
+        csih_warning "Removing sshd from ${_inetcnf} failed!"
      fi
    fi
-  
    # Add ssh line to inetd.conf
    if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -ne 0 ]
    then
      if [ "${_with_comment}" -eq 0 ]
      then
-        echo 'ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
+        echo 'ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
      else
-        echo '# ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
+        echo '# ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
      fi
      csih_inform "Added ssh to ${_inetcnf}"
    fi
@@ -278,83 +278,83 @@ install_service() {
      echo -e "${_csih_QUERY_STR} Do you want to install sshd as a service?"
      if csih_request "(Say \"no\" if it is already installed as a service)"
      then
-        csih_get_cygenv "${cygwin_value}"
+        csih_get_cygenv "${cygwin_value}"
-        if ( csih_is_nt2003 || [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
+        if ( csih_is_nt2003 || [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
-        then
+        then
-          csih_inform "On Windows Server 2003, Windows Vista, and above, the"
+          csih_inform "On Windows Server 2003, Windows Vista, and above, the"
-          csih_inform "SYSTEM account cannot setuid to other users -- a capability"
+          csih_inform "SYSTEM account cannot setuid to other users -- a capability"
-          csih_inform "sshd requires.  You need to have or to create a privileged"
+          csih_inform "sshd requires.  You need to have or to create a privileged"
-          csih_inform "account.  This script will help you do so."
+          csih_inform "account.  This script will help you do so."
-          echo
+          echo
-          if ! csih_create_privileged_user "${password_value}"
+          if ! csih_create_privileged_user "${password_value}"
-          then
+          then
-            csih_error_recoverable "There was a serious problem creating a privileged user."
+            csih_error_recoverable "There was a serious problem creating a privileged user."
-            csih_request "Do you want to proceed anyway?" || exit 1
+            csih_request "Do you want to proceed anyway?" || exit 1
-          fi
+          fi
-        fi
+        fi
-        # never returns empty if NT or above
+        # never returns empty if NT or above
-        run_service_as=$(csih_service_should_run_as)
+        run_service_as=$(csih_service_should_run_as)
-        if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ]
+        if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ]
-        then
+        then
-          password="${csih_PRIVILEGED_PASSWORD}"
+          password="${csih_PRIVILEGED_PASSWORD}"
-          if [ -z "${password}" ]
+          if [ -z "${password}" ]
-          then
+          then
-            csih_get_value "Please enter the password for user '${run_service_as}':" "-s"
+            csih_get_value "Please enter the password for user '${run_service_as}':" "-s"
-            password="${csih_value}"
+            password="${csih_value}"
-          fi
+          fi
-        fi
+        fi
-        # at this point, we either have $run_service_as = "system" and $password is empty,
+        # at this point, we either have $run_service_as = "system" and $password is empty,
-        # or $run_service_as is some privileged user and (hopefully) $password contains
+        # or $run_service_as is some privileged user and (hopefully) $password contains
-        # the correct password.  So, from here out, we use '-z "${password}"' to discriminate
+        # the correct password.  So, from here out, we use '-z "${password}"' to discriminate
-        # the two cases.
+        # the two cases.
-        csih_check_user "${run_service_as}"
+        csih_check_user "${run_service_as}"
        if [ -n "${csih_cygenv}" ]
        then
          cygwin_env="-e CYGWIN=\"${csih_cygenv}\""
        fi
-        if [ -z "${password}" ]
+        if [ -z "${password}" ]
-        then
+        then
          if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \
                            -a "-D" -y tcpip ${cygwin_env}
-          then
+          then
-            echo
+            echo
-            csih_inform "The sshd service has been installed under the LocalSystem"
+            csih_inform "The sshd service has been installed under the LocalSystem"
-            csih_inform "account (also known as SYSTEM). To start the service now, call"
+            csih_inform "account (also known as SYSTEM). To start the service now, call"
-            csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'.  Otherwise, it"
+            csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'.  Otherwise, it"
-            csih_inform "will start automatically after the next reboot."
+            csih_inform "will start automatically after the next reboot."
-          fi
+          fi
-        else
+        else
          if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \
                            -a "-D" -y tcpip ${cygwin_env} \
                            -u "${run_service_as}" -w "${password}"
-          then
+          then
            echo
            csih_inform "The sshd service has been installed under the '${run_service_as}'"
            csih_inform "account.  To start the service now, call \`net start sshd' or"
-            csih_inform "\`cygrunsrv -S sshd'.  Otherwise, it will start automatically"
+            csih_inform "\`cygrunsrv -S sshd'.  Otherwise, it will start automatically"
-            csih_inform "after the next reboot."
+            csih_inform "after the next reboot."
-          fi
+          fi
-        fi
+        fi
-        # now, if successfully installed, set ownership of the affected files 
+        # now, if successfully installed, set ownership of the affected files
-        if cygrunsrv -Q sshd >/dev/null 2>&1
+        if cygrunsrv -Q sshd >/dev/null 2>&1
-        then
+        then
-          chown "${run_service_as}" ${SYSCONFDIR}/ssh*
+          chown "${run_service_as}" ${SYSCONFDIR}/ssh*
-          chown "${run_service_as}".544 ${LOCALSTATEDIR}/empty
+          chown "${run_service_as}".544 ${LOCALSTATEDIR}/empty
-          chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/lastlog
+          chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/lastlog
-          if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
+          if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
-          then
+          then
            chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/sshd.log
-          fi
+          fi
-        else
+        else
-          csih_warning "Something went wrong installing the sshd service."
+          csih_warning "Something went wrong installing the sshd service."
-        fi
+        fi
      fi # user allowed us to install as service
    fi # service not yet installed
  fi # csih_is_nt
@@ -478,9 +478,9 @@ setfacl -m u:system:rwx "${LOCALSTATEDIR}/log"
 # Create /var/log/lastlog if not already exists
 if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]
 then
-  echo 
+  echo
  csih_error_multi "${LOCALSTATEDIR}/log/lastlog exists, but is not a file." \
-                   "Cannot create ssh host configuration."
+                   "Cannot create ssh host configuration."
 fi
 if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
 then
@@ -523,7 +523,7 @@ sshd_privsep
-update_services_file 
+update_services_file
 update_inetd_conf
 install_service

diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index ec03f163d..57e728fbc 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config
@@ -37,13 +37,13 @@ create_host_keys() {
37	csih_inform "Generating ${SYSCONFDIR}/ssh_host_key"	37	csih_inform "Generating ${SYSCONFDIR}/ssh_host_key"
38	ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null	38	ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null
39	fi	39	fi
40		40
41	if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]	41	if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]
42	then	42	then
43	csih_inform "Generating ${SYSCONFDIR}/ssh_host_rsa_key"	43	csih_inform "Generating ${SYSCONFDIR}/ssh_host_rsa_key"
44	ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null	44	ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null
45	fi	45	fi
46		46
47	if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]	47	if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
48	then	48	then
49	csih_inform "Generating ${SYSCONFDIR}/ssh_host_dsa_key"	49	csih_inform "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
@@ -75,12 +75,12 @@ update_services_file() {
75	_spaces=" # "	75	_spaces=" # "
76	fi	76	fi
77	_serv_tmp="${_my_etcdir}/srv.out.$$"	77	_serv_tmp="${_my_etcdir}/srv.out.$$"
78		78
79	mount -o text -f "${_win_etcdir}" "${_my_etcdir}"	79	mount -o text -f "${_win_etcdir}" "${_my_etcdir}"
80		80
81	# Depends on the above mount	81	# Depends on the above mount
82	_wservices=`cygpath -w "${_services}"`	82	_wservices=`cygpath -w "${_services}"`
83		83
84	# Remove sshd 22/port from services	84	# Remove sshd 22/port from services
85	if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ]	85	if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ]
86	then	86	then
@@ -89,16 +89,16 @@ update_services_file() {
89	then	89	then
90	if mv "${_serv_tmp}" "${_services}"	90	if mv "${_serv_tmp}" "${_services}"
91	then	91	then
92	csih_inform "Removing sshd from ${_wservices}"	92	csih_inform "Removing sshd from ${_wservices}"
93	else	93	else
94	csih_warning "Removing sshd from ${_wservices} failed!"	94	csih_warning "Removing sshd from ${_wservices} failed!"
95	fi	95	fi
96	rm -f "${_serv_tmp}"	96	rm -f "${_serv_tmp}"
97	else	97	else
98	csih_warning "Removing sshd from ${_wservices} failed!"	98	csih_warning "Removing sshd from ${_wservices} failed!"
99	fi	99	fi
100	fi	100	fi
101		101
102	# Add ssh 22/tcp and ssh 22/udp to services	102	# Add ssh 22/tcp and ssh 22/udp to services
103	if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]	103	if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
104	then	104	then
@@ -106,9 +106,9 @@ update_services_file() {
106	then	106	then
107	if mv "${_serv_tmp}" "${_services}"	107	if mv "${_serv_tmp}" "${_services}"
108	then	108	then
109	csih_inform "Added ssh to ${_wservices}"	109	csih_inform "Added ssh to ${_wservices}"
110	else	110	else
111	csih_warning "Adding ssh to ${_wservices} failed!"	111	csih_warning "Adding ssh to ${_wservices} failed!"
112	fi	112	fi
113	rm -f "${_serv_tmp}"	113	rm -f "${_serv_tmp}"
114	else	114	else
@@ -134,16 +134,16 @@ sshd_privsep() {
134	csih_inform "For more info on privilege separation read /usr/share/doc/openssh/README.privsep."	134	csih_inform "For more info on privilege separation read /usr/share/doc/openssh/README.privsep."
135	if csih_request "Should privilege separation be used?"	135	if csih_request "Should privilege separation be used?"
136	then	136	then
137	privsep_used=yes	137	privsep_used=yes
138	if ! csih_create_unprivileged_user sshd	138	if ! csih_create_unprivileged_user sshd
139	then	139	then
140	csih_warning "Couldn't create user 'sshd'!"	140	csih_warning "Couldn't create user 'sshd'!"
141	csih_warning "Privilege separation set to 'no' again!"	141	csih_warning "Privilege separation set to 'no' again!"
142	csih_warning "Check your ${SYSCONFDIR}/sshd_config file!"	142	csih_warning "Check your ${SYSCONFDIR}/sshd_config file!"
143	privsep_used=no	143	privsep_used=no
144	fi	144	fi
145	else	145	else
146	privsep_used=no	146	privsep_used=no
147	fi	147	fi
148	else	148	else
149	# On 9x don't use privilege separation. Since security isn't	149	# On 9x don't use privilege separation. Since security isn't
@@ -151,7 +151,7 @@ sshd_privsep() {
151	privsep_used=no	151	privsep_used=no
152	fi	152	fi
153	fi	153	fi
154		154
155	# Create default sshd_config from skeleton files in /etc/defaults/etc or	155	# Create default sshd_config from skeleton files in /etc/defaults/etc or
156	# modify to add the missing privsep configuration option	156	# modify to add the missing privsep configuration option
157	if cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1	157	if cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1
@@ -161,8 +161,8 @@ sshd_privsep() {
161	sed -e "s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation ${privsep_used}/	161	sed -e "s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation ${privsep_used}/
162	s/^#Port 22/Port ${port_number}/	162	s/^#Port 22/Port ${port_number}/
163	s/^#StrictModes yes/StrictModes no/" \	163	s/^#StrictModes yes/StrictModes no/" \
164	< ${SYSCONFDIR}/sshd_config \	164	< ${SYSCONFDIR}/sshd_config \
165	> "${sshdconfig_tmp}"	165	> "${sshdconfig_tmp}"
166	mv "${sshdconfig_tmp}" ${SYSCONFDIR}/sshd_config	166	mv "${sshdconfig_tmp}" ${SYSCONFDIR}/sshd_config
167	elif [ "${privsep_configured}" != "yes" ]	167	elif [ "${privsep_configured}" != "yes" ]
168	then	168	then
@@ -193,19 +193,19 @@ update_inetd_conf() {
193	# will be replaced by a file in inetd.d/	193	# will be replaced by a file in inetd.d/
194	if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -eq 0 ]	194	if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -eq 0 ]
195	then	195	then
196	grep -v '^[# \t]*ssh' "${_inetcnf}" >> "${_inetcnf_tmp}"	196	grep -v '^[# \t]*ssh' "${_inetcnf}" >> "${_inetcnf_tmp}"
197	if [ -f "${_inetcnf_tmp}" ]	197	if [ -f "${_inetcnf_tmp}" ]
198	then	198	then
199	if mv "${_inetcnf_tmp}" "${_inetcnf}"	199	if mv "${_inetcnf_tmp}" "${_inetcnf}"
200	then	200	then
201	csih_inform "Removed ssh[d] from ${_inetcnf}"	201	csih_inform "Removed ssh[d] from ${_inetcnf}"
202	else	202	else
203	csih_warning "Removing ssh[d] from ${_inetcnf} failed!"	203	csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
204	fi	204	fi
205	rm -f "${_inetcnf_tmp}"	205	rm -f "${_inetcnf_tmp}"
206	else	206	else
207	csih_warning "Removing ssh[d] from ${_inetcnf} failed!"	207	csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
208	fi	208	fi
209	fi	209	fi
210	fi	210	fi
211		211
@@ -214,13 +214,13 @@ update_inetd_conf() {
214	then	214	then
215	if [ "${_with_comment}" -eq 0 ]	215	if [ "${_with_comment}" -eq 0 ]
216	then	216	then
217	sed -e 's/@COMMENT@[ \t]*//' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"	217	sed -e 's/@COMMENT@[ \t]*//' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
218	else	218	else
219	sed -e 's/@COMMENT@[ \t]*/# /' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"	219	sed -e 's/@COMMENT@[ \t]*/# /' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
220	fi	220	fi
221	mv "${_sshd_inetd_conf_tmp}" "${_sshd_inetd_conf}"	221	mv "${_sshd_inetd_conf_tmp}" "${_sshd_inetd_conf}"
222	csih_inform "Updated ${_sshd_inetd_conf}"	222	csih_inform "Updated ${_sshd_inetd_conf}"
223	fi	223	fi
224		224
225	elif [ -f "${_inetcnf}" ]	225	elif [ -f "${_inetcnf}" ]
226	then	226	then
@@ -233,26 +233,26 @@ update_inetd_conf() {
233	grep -v '^[# \t]*sshd' "${_inetcnf}" >> "${_inetcnf_tmp}"	233	grep -v '^[# \t]*sshd' "${_inetcnf}" >> "${_inetcnf_tmp}"
234	if [ -f "${_inetcnf_tmp}" ]	234	if [ -f "${_inetcnf_tmp}" ]
235	then	235	then
236	if mv "${_inetcnf_tmp}" "${_inetcnf}"	236	if mv "${_inetcnf_tmp}" "${_inetcnf}"
237	then	237	then
238	csih_inform "Removed sshd from ${_inetcnf}"	238	csih_inform "Removed sshd from ${_inetcnf}"
239	else	239	else
240	csih_warning "Removing sshd from ${_inetcnf} failed!"	240	csih_warning "Removing sshd from ${_inetcnf} failed!"
241	fi	241	fi
242	rm -f "${_inetcnf_tmp}"	242	rm -f "${_inetcnf_tmp}"
243	else	243	else
244	csih_warning "Removing sshd from ${_inetcnf} failed!"	244	csih_warning "Removing sshd from ${_inetcnf} failed!"
245	fi	245	fi
246	fi	246	fi
247		247
248	# Add ssh line to inetd.conf	248	# Add ssh line to inetd.conf
249	if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -ne 0 ]	249	if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -ne 0 ]
250	then	250	then
251	if [ "${_with_comment}" -eq 0 ]	251	if [ "${_with_comment}" -eq 0 ]
252	then	252	then
253	echo 'ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}"	253	echo 'ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
254	else	254	else
255	echo '# ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}"	255	echo '# ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
256	fi	256	fi
257	csih_inform "Added ssh to ${_inetcnf}"	257	csih_inform "Added ssh to ${_inetcnf}"
258	fi	258	fi
@@ -278,83 +278,83 @@ install_service() {
278	echo -e "${_csih_QUERY_STR} Do you want to install sshd as a service?"	278	echo -e "${_csih_QUERY_STR} Do you want to install sshd as a service?"
279	if csih_request "(Say \"no\" if it is already installed as a service)"	279	if csih_request "(Say \"no\" if it is already installed as a service)"
280	then	280	then
281	csih_get_cygenv "${cygwin_value}"	281	csih_get_cygenv "${cygwin_value}"
282		282
283	if ( csih_is_nt2003 \|\| [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )	283	if ( csih_is_nt2003 \|\| [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
284	then	284	then
285	csih_inform "On Windows Server 2003, Windows Vista, and above, the"	285	csih_inform "On Windows Server 2003, Windows Vista, and above, the"
286	csih_inform "SYSTEM account cannot setuid to other users -- a capability"	286	csih_inform "SYSTEM account cannot setuid to other users -- a capability"
287	csih_inform "sshd requires. You need to have or to create a privileged"	287	csih_inform "sshd requires. You need to have or to create a privileged"
288	csih_inform "account. This script will help you do so."	288	csih_inform "account. This script will help you do so."
289	echo	289	echo
290	if ! csih_create_privileged_user "${password_value}"	290	if ! csih_create_privileged_user "${password_value}"
291	then	291	then
292	csih_error_recoverable "There was a serious problem creating a privileged user."	292	csih_error_recoverable "There was a serious problem creating a privileged user."
293	csih_request "Do you want to proceed anyway?" \|\| exit 1	293	csih_request "Do you want to proceed anyway?" \|\| exit 1
294	fi	294	fi
295	fi	295	fi
296		296
297	# never returns empty if NT or above	297	# never returns empty if NT or above
298	run_service_as=$(csih_service_should_run_as)	298	run_service_as=$(csih_service_should_run_as)
299		299
300	if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ]	300	if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ]
301	then	301	then
302	password="${csih_PRIVILEGED_PASSWORD}"	302	password="${csih_PRIVILEGED_PASSWORD}"
303	if [ -z "${password}" ]	303	if [ -z "${password}" ]
304	then	304	then
305	csih_get_value "Please enter the password for user '${run_service_as}':" "-s"	305	csih_get_value "Please enter the password for user '${run_service_as}':" "-s"
306	password="${csih_value}"	306	password="${csih_value}"
307	fi	307	fi
308	fi	308	fi
309		309
310	# at this point, we either have $run_service_as = "system" and $password is empty,	310	# at this point, we either have $run_service_as = "system" and $password is empty,
311	# or $run_service_as is some privileged user and (hopefully) $password contains	311	# or $run_service_as is some privileged user and (hopefully) $password contains
312	# the correct password. So, from here out, we use '-z "${password}"' to discriminate	312	# the correct password. So, from here out, we use '-z "${password}"' to discriminate
313	# the two cases.	313	# the two cases.
314		314
315	csih_check_user "${run_service_as}"	315	csih_check_user "${run_service_as}"
316		316
317	if [ -n "${csih_cygenv}" ]	317	if [ -n "${csih_cygenv}" ]
318	then	318	then
319	cygwin_env="-e CYGWIN=\"${csih_cygenv}\""	319	cygwin_env="-e CYGWIN=\"${csih_cygenv}\""
320	fi	320	fi
321	if [ -z "${password}" ]	321	if [ -z "${password}" ]
322	then	322	then
323	if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \	323	if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \
324	-a "-D" -y tcpip ${cygwin_env}	324	-a "-D" -y tcpip ${cygwin_env}
325	then	325	then
326	echo	326	echo
327	csih_inform "The sshd service has been installed under the LocalSystem"	327	csih_inform "The sshd service has been installed under the LocalSystem"
328	csih_inform "account (also known as SYSTEM). To start the service now, call"	328	csih_inform "account (also known as SYSTEM). To start the service now, call"
329	csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'. Otherwise, it"	329	csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'. Otherwise, it"
330	csih_inform "will start automatically after the next reboot."	330	csih_inform "will start automatically after the next reboot."
331	fi	331	fi
332	else	332	else
333	if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \	333	if eval cygrunsrv -I sshd -d \"CYGWIN sshd\" -p /usr/sbin/sshd \
334	-a "-D" -y tcpip ${cygwin_env} \	334	-a "-D" -y tcpip ${cygwin_env} \
335	-u "${run_service_as}" -w "${password}"	335	-u "${run_service_as}" -w "${password}"
336	then	336	then
337	echo	337	echo
338	csih_inform "The sshd service has been installed under the '${run_service_as}'"	338	csih_inform "The sshd service has been installed under the '${run_service_as}'"
339	csih_inform "account. To start the service now, call \`net start sshd' or"	339	csih_inform "account. To start the service now, call \`net start sshd' or"
340	csih_inform "\`cygrunsrv -S sshd'. Otherwise, it will start automatically"	340	csih_inform "\`cygrunsrv -S sshd'. Otherwise, it will start automatically"
341	csih_inform "after the next reboot."	341	csih_inform "after the next reboot."
342	fi	342	fi
343	fi	343	fi
344		344
345	# now, if successfully installed, set ownership of the affected files	345	# now, if successfully installed, set ownership of the affected files
346	if cygrunsrv -Q sshd >/dev/null 2>&1	346	if cygrunsrv -Q sshd >/dev/null 2>&1
347	then	347	then
348	chown "${run_service_as}" ${SYSCONFDIR}/ssh*	348	chown "${run_service_as}" ${SYSCONFDIR}/ssh*
349	chown "${run_service_as}".544 ${LOCALSTATEDIR}/empty	349	chown "${run_service_as}".544 ${LOCALSTATEDIR}/empty
350	chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/lastlog	350	chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/lastlog
351	if [ -f ${LOCALSTATEDIR}/log/sshd.log ]	351	if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
352	then	352	then
353	chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/sshd.log	353	chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/sshd.log
354	fi	354	fi
355	else	355	else
356	csih_warning "Something went wrong installing the sshd service."	356	csih_warning "Something went wrong installing the sshd service."
357	fi	357	fi
358	fi # user allowed us to install as service	358	fi # user allowed us to install as service
359	fi # service not yet installed	359	fi # service not yet installed
360	fi # csih_is_nt	360	fi # csih_is_nt
@@ -478,9 +478,9 @@ setfacl -m u:system:rwx "${LOCALSTATEDIR}/log"
478	# Create /var/log/lastlog if not already exists	478	# Create /var/log/lastlog if not already exists
479	if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]	479	if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]
480	then	480	then
481	echo	481	echo
482	csih_error_multi "${LOCALSTATEDIR}/log/lastlog exists, but is not a file." \	482	csih_error_multi "${LOCALSTATEDIR}/log/lastlog exists, but is not a file." \
483	"Cannot create ssh host configuration."	483	"Cannot create ssh host configuration."
484	fi	484	fi
485	if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]	485	if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
486	then	486	then
@@ -523,7 +523,7 @@ sshd_privsep
523		523
524		524
525		525
526	update_services_file	526	update_services_file
527	update_inetd_conf	527	update_inetd_conf
528	install_service	528	install_service
529		529