mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-11-23 18:23:25 +08:00
- (bal) Privsep user creation support in Solaris buildpkg.sh by
dtucker@zip.com.au
This commit is contained in:
parent
938b828566
commit
104c3feb69
@ -8,6 +8,8 @@
|
||||
EVP_CIPH_CUSTOM_IV for our own rijndael
|
||||
- (bal) Remove unused tty defined in do_setusercontext() pointed out by
|
||||
dtucker@zip.com.au plus a a more KNF since I am near it.
|
||||
- (bal) Privsep user creation support in Solaris buildpkg.sh by
|
||||
dtucker@zip.com.au
|
||||
|
||||
20020714
|
||||
- (tim) [Makefile.in] replace "id sshd" with "sshd -t"
|
||||
@ -1372,4 +1374,4 @@
|
||||
- (stevesk) entropy.c: typo in debug message
|
||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||
|
||||
$Id: ChangeLog,v 1.2369 2002/07/15 17:58:34 mouring Exp $
|
||||
$Id: ChangeLog,v 1.2370 2002/07/15 18:49:20 mouring Exp $
|
||||
|
@ -98,6 +98,19 @@ do
|
||||
eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
|
||||
done
|
||||
|
||||
|
||||
## Collect value of privsep user
|
||||
for confvar in SSH_PRIVSEP_USER
|
||||
do
|
||||
eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
|
||||
done
|
||||
|
||||
## Set privsep defaults if not defined
|
||||
if [ -z "$SSH_PRIVSEP_USER" ]
|
||||
then
|
||||
SSH_PRIVSEP_USER=sshd
|
||||
fi
|
||||
|
||||
## Extract common info requires for the 'info' part of the package.
|
||||
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
|
||||
|
||||
@ -214,6 +227,33 @@ fi
|
||||
|
||||
installf -f ${PKGNAME}
|
||||
|
||||
if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null
|
||||
then
|
||||
echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
|
||||
echo "or group."
|
||||
else
|
||||
echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
|
||||
|
||||
# create group if required
|
||||
if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
|
||||
then
|
||||
echo "PrivSep group $SSH_PRIVSEP_USER already exists."
|
||||
else
|
||||
echo "Creating PrivSep group $SSH_PRIVSEP_USER."
|
||||
groupadd $SSH_PRIVSEP_USER
|
||||
fi
|
||||
|
||||
# Create user if required
|
||||
if cut -f1 -d: /etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
|
||||
then
|
||||
echo "PrivSep user $SSH_PRIVSEP_USER already exists."
|
||||
else
|
||||
echo "Creating PrivSep user $SSH_PRIVSEP_USER."
|
||||
useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER $SSH_PRIVSEP_USER
|
||||
passwd -l $SSH_PRIVSEP_USER
|
||||
fi
|
||||
fi
|
||||
|
||||
[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
|
||||
exit 0
|
||||
_EOF
|
||||
|
Loading…
Reference in New Issue
Block a user