- (bal) Fixed AIX environment handling, use setpcred() instead of existing

code.  (Bugzilla Bug 261)
Ben Lindstrom 2002-06-21 00:01:18 +00:00
parent 3c73dfe55e
commit f0bfa839bd
5 changed files with 10 additions and 113 deletions


@ -1,4 +1,6 @@
20020620
- (bal) Fixed AIX environment handling, use setpcred() instead of existing
code. (Bugzilla Bug 261)
- (bal) OpenBSD CVS Sync
- todd@cvs.openbsd.org 2002/06/14 21:35:00
[monitor_wrap.c]
@ -931,4 +933,4 @@
- (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
$Id: ChangeLog,v 1.2217 2002/06/20 23:53:53 mouring Exp $
$Id: ChangeLog,v 1.2218 2002/06/21 00:01:18 mouring Exp $


@ -1,4 +1,4 @@
# $Id: configure.ac,v 1.66 2002/06/12 16:57:15 mouring Exp $
# $Id: configure.ac,v 1.67 2002/06/21 00:01:19 mouring Exp $
AC_INIT
AC_CONFIG_SRCDIR([ssh.c])
@ -571,9 +571,9 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \
realpath recvmsg rresvport_af sendmsg setdtablesize setegid \
setenv seteuid setgroups setlogin setproctitle setresgid setreuid \
setrlimit setsid setvbuf sigaction sigvec snprintf socketpair \
strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate \
utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
setrlimit setsid setpcred setvbuf sigaction sigvec snprintf \
socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
dnl IRIX and Solaris 2.5.1 have dirname() in libgen
AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
@ -621,11 +621,6 @@ dnl Checks for utmpx functions
AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline )
AC_CHECK_FUNCS(setutxent utmpxname)
AC_CHECK_FUNC(getuserattr,
[AC_DEFINE(HAVE_GETUSERATTR)],
[AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])]
)
AC_CHECK_FUNC(daemon,
[AC_DEFINE(HAVE_DAEMON)],
[AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]


@ -2,104 +2,9 @@
#ifdef _AIX
#ifdef HAVE_USERSEC_H
#include <usersec.h>
#endif /* HAVE_USERSEC_H */
#include <uinfo.h>
#include <../xmalloc.h>
/* AIX limits */
#if defined(HAVE_GETUSERATTR) && !defined(S_UFSIZE_HARD) && defined(S_UFSIZE)
# define S_UFSIZE_HARD S_UFSIZE "_hard"
# define S_UCPU_HARD S_UCPU "_hard"
# define S_UDATA_HARD S_UDATA "_hard"
# define S_USTACK_HARD S_USTACK "_hard"
# define S_URSS_HARD S_URSS "_hard"
# define S_UCORE_HARD S_UCORE "_hard"
# define S_UNOFILE_HARD S_UNOFILE "_hard"
#endif
#if defined(HAVE_GETUSERATTR)
/*
* AIX-specific login initialisation
*/
void
set_limit(char *user, char *soft, char *hard, int resource, int mult)
{
struct rlimit rlim;
int slim, hlim;
getrlimit(resource, &rlim);
slim = 0;
if (getuserattr(user, soft, &slim, SEC_INT) != -1) {
if (slim < 0) {
rlim.rlim_cur = RLIM_INFINITY;
} else if (slim != 0) {
/* See the wackiness below */
if (rlim.rlim_cur == slim * mult)
slim = 0;
else
rlim.rlim_cur = slim * mult;
}
}
hlim = 0;
if (getuserattr(user, hard, &hlim, SEC_INT) != -1) {
if (hlim < 0) {
rlim.rlim_max = RLIM_INFINITY;
} else if (hlim != 0) {
rlim.rlim_max = hlim * mult;
}
}
/*
* XXX For cpu and fsize the soft limit is set to the hard limit
* if the hard limit is left at its default value and the soft limit
* is changed from its default value, either by requesting it
* (slim == 0) or by setting it to the current default. At least
* that's how rlogind does it. If you're confused you're not alone.
* Bug or feature? AIX 4.3.1.2
*/
if ((!strcmp(soft, "fsize") || !strcmp(soft, "cpu"))
&& hlim == 0 && slim != 0)
rlim.rlim_max = rlim.rlim_cur;
/* A specified hard limit limits the soft limit */
else if (hlim > 0 && rlim.rlim_cur > rlim.rlim_max)
rlim.rlim_cur = rlim.rlim_max;
/* A soft limit can increase a hard limit */
else if (rlim.rlim_cur > rlim.rlim_max)
rlim.rlim_max = rlim.rlim_cur;
if (setrlimit(resource, &rlim) != 0)
error("setrlimit(%.10s) failed: %.100s", soft, strerror(errno));
}
void
set_limits_from_userattr(char *user)
{
int mask;
char buf[16];
set_limit(user, S_UFSIZE, S_UFSIZE_HARD, RLIMIT_FSIZE, 512);
set_limit(user, S_UCPU, S_UCPU_HARD, RLIMIT_CPU, 1);
set_limit(user, S_UDATA, S_UDATA_HARD, RLIMIT_DATA, 512);
set_limit(user, S_USTACK, S_USTACK_HARD, RLIMIT_STACK, 512);
set_limit(user, S_URSS, S_URSS_HARD, RLIMIT_RSS, 512);
set_limit(user, S_UCORE, S_UCORE_HARD, RLIMIT_CORE, 512);
#if defined(S_UNOFILE)
set_limit(user, S_UNOFILE, S_UNOFILE_HARD, RLIMIT_NOFILE, 1);
#endif
if (getuserattr(user, S_UMASK, &mask, SEC_INT) != -1) {
/* Convert decimal to octal */
(void) snprintf(buf, sizeof(buf), "%d", mask);
if (sscanf(buf, "%o", &mask) == 1)
umask(mask);
}
}
#endif /* defined(HAVE_GETUSERATTR) */
/*
* AIX has a "usrinfo" area where logname and
* other stuff is stored - a few applications


@ -1,10 +1,5 @@
#ifdef _AIX
#ifdef HAVE_GETUSERATTR
void set_limit(char *user, char *soft, char *hard, int resource, int mult);
void set_limits_from_userattr(char *user);
#endif /* HAVE_GETUSERATTR */
void aix_usrinfo(struct passwd *pw, char *tty, int ttyfd);
#endif /* _AIX */


@ -1153,9 +1153,9 @@ do_setusercontext(struct passwd *pw)
#else /* HAVE_CYGWIN */
if (getuid() == 0 || geteuid() == 0) {
#endif /* HAVE_CYGWIN */
#ifdef HAVE_GETUSERATTR
set_limits_from_userattr(pw->pw_name);
#endif /* HAVE_GETUSERATTR */
#ifdef HAVE_SETPCRED
setpcred(pw->pw_name);
#endif /* HAVE_SETPCRED */
#ifdef HAVE_LOGIN_CAP
if (setusercontext(lc, pw, pw->pw_uid,
(LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
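Review bot: The new `setpcred(pw->pw_name);` call in do_setusercontext() discards its return value, so a failure to apply the user's AIX credentials and limits is silent and session setup continues inside the root branch as if they had been applied; the removed set_limits_from_userattr() path at least logged setrlimit() failures. I would make the failure fatal, e.g. `if (setpcred(pw->pw_name, NULL) == -1) fatal("Failed to set process credentials");`. AIX documents setpcred() with a second `char **` credentials argument, so the one-argument form only compiles when no prototype is in scope (session.c's includes are not visible here) and then passes an indeterminate value; passing `NULL` explicitly avoids that. The function body starts and ends outside this hunk, so whether later code rechecks the resulting uid or limits cannot be confirmed from here.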