[Bug 1824] New: Added project(4) support for Solaris 10

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu Sep 23 02:37:17 EST 2010


https://bugzilla.mindrot.org/show_bug.cgi?id=1824

           Summary: Added project(4) support for Solaris 10
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Solaris
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: cory.erickson at csu.mnscu.edu


Created attachment 1929
  --> https://bugzilla.mindrot.org/attachment.cgi?id=1929
patch for solaris projects support

Projects are the basis for resource controls in Solaris 10. The current
openssh doesn't appear to support projects, so the default project
(system) is inherited from the parent sshd:

[ericksco]unixprd:~$ ssh themis
Last login: Sun Sep 19 11:24:46 2010 from unixprd.mnscu.e
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
[ericksco]themis:~$ projects -d # displays default project
default
[ericksco]themis:~$ id -p # however, "system" project is inherited from
sshd
uid=1108(ericksco) gid=101(admins) projid=0(system)

With the project support enabled, sshd can properly set the default
project (as uid=0) before spawning client command/shell:

[ericksco]unixprd:~$ ssh timmy
Last login: Tue Sep 21 20:40:40 2010 from unixprd.mnscu.e
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
[ericksco]timmy:~$ projects -d # displays default project
group.admins
[ericksco]timmy:~$ id -p # now effective project is correct
uid=1108(ericksco) gid=101(admins) projid=11(group.admins)

The library calls utilized are:

- getdefaultproj()

Obtains the default project for the user logging in.

- setproject()

Sets the project for the session. Requires special privs (uid=0) or
will fail.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list