SCO 5.0.5 setluid patch

svaughan svaughan at asterion.com
Thu Feb 15 19:38:33 EST 2001 

Sorry it took me a while to get some free time this week :-)


below is the small patch for SCO 5.0.x. to set the luid. I have tested it
out and it seems to work good. I won't have access to a solaris box for a
little while to test out the setauid(), so I didn't include that. 


Thanks,
Sam



*** openssh/session.c Sun Feb 11 06:12:08 2001
--- openssh_patch/session.c Wed Feb 14 23:41:48 2001
***************
*** 1030,1035 ****
  #endif /* WITH_IRIX_ARRAY */
  #endif /* WITH_IRIX_JOBS */
  
  
        /* login(1) is only called if we execute the login shell */
        if (options.use_login && command != NULL)
--- 1030,1040 ----
  #endif /* WITH_IRIX_ARRAY */
  #endif /* WITH_IRIX_JOBS */
  
+ #ifdef HAVE_SCO_SETLUID 
+       /* Sets login uid for accounting*/ 
+       if(setluid(pw->pw_uid) == -1) 
+               perror("Unable to set luid!");
+ #endif /* HAVE_SCO_SETLUID */
  
        /* login(1) is only called if we execute the login shell */
        if (options.use_login && command != NULL)



*** openssh/configure.in Thu Feb  8 17:55:36 2001
--- openssh_patch/configure.in Wed Feb 14 01:56:19 2001
***************
*** 237,242 ****
        AC_DEFINE(HAVE_SCO_PROTECTED_PW)
        AC_DEFINE(DISABLE_SHADOW)
        AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H)
        ;;
  *-dec-osf*)
  # This is untested
--- 237,243 ----
        AC_DEFINE(HAVE_SCO_PROTECTED_PW)
        AC_DEFINE(DISABLE_SHADOW)
        AC_DEFINE(HAVE_BOGUS_SYS_QUEUE_H)
+       AC_CHECK_FUNC(setluid, [AC_DEFINE(HAVE_SCO_SETLUID)])
        ;;
  *-dec-osf*)
  # This is untested



*** openssh/config.h.in Sun Feb 11 09:30:28 2001
--- openssh_patch/config.h.in Wed Feb 14 13:20:55 2001
***************
*** 31,36 ****
  /* Define if you have SCO protected password database */
  #undef HAVE_SCO_PROTECTED_PW
  
  /* If your header files don't define LOGIN_PROGRAM, then use this
(detected) */
  /* from environment and PATH */
  #undef LOGIN_PROGRAM_FALLBACK
--- 31,39 ----
  /* Define if you have SCO protected password database */
  #undef HAVE_SCO_PROTECTED_PW
  
+ /* Define if you have SCO setluid function */
+ #undef HAVE_SCO_SETLUID      
+ 
  /* If your header files don't define LOGIN_PROGRAM, then use this
(detected) */
  /* from environment and PATH */
  #undef LOGIN_PROGRAM_FALLBACK









> 
> Would it be possible for someone with access to one of these systems to
> turn the above into a patch and test it?
> 
> You want to start in the do_child() function in session.c. Be careful,
> there is a lot of OS-dependant stuff in that function.
> 
> If noone steps up, then I can create a patch, but I don't have ready 
> access to a C2 system and would thus be flying blind.
> 
> -d
>  
> 
> -- 
> | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's 
> | http://www.mindrot.org          /   distributed filesystem'' - Dan Geer
>

More information about the openssh-unix-dev mailing list