SCO 5.0.5 setluid patch

Sam Vaughan svaughan at asterion.com
Fri Feb 23 18:00:29 EST 2001 


Tim,
	Are you starting sshd from inetd? I see that you compiled in TCP
wrappers support. I'm wondering if that is why your LUID is getting set to
0 (root). 

If you are, could you try it without and see if the LUID still gets set
wrong. 

( Or its some difference between 5.0.4 and 5.0.5 and I don't have access
to 5.0.4 right now. I can install it on a spare PC tomorrow for testing. )

Thanks,
Sam

On Thu, 22 Feb 2001, Tim Rice wrote:

> On Wed, 21 Feb 2001 mouring at etoh.eviladmin.org wrote:
> 
> > 
> > 
> > Applied.
> > 
> > thanks.
> 
> CVS Feb 22 15:42
> 
> I'm not seing any improvement here.
> ...
> tim(trr)@sco504 1% id -l
> uid=31(tim) gid=85(trr) luid=0(root) groups=85(trr),18(lp),50(group)
> ...
> 
> tim(trr)@sco504 12% uname -X
> 
> System = SCO_SV
> Node = sco504
> Release = 3.2v5.0.4
> KernelID = 97/09/03
> Machine = Pentium
> BusType = ISA
> Serial = 1NC013996
> Users = 2-user
> OEM# = 0
> Origin# = 1
> NumCPU = 1
> 
> 
> OpenSSH configured has been configured with the following options.
>                  User binaries: /usr/local/bin
>                System binaries: /usr/local/sbin
>            Configuration files: /usr/local/etc
>                Askpass program: /usr/local/libexec/ssh-askpass
>                   Manual pages: /usr/local/man/catX
>                       PID file: /usr/local/etc
>         sshd default user PATH: /bin:/usr/bin:/etc:/usr/local/bin
>       Random number collection: Builtin (timeout 200)
>                 Manpage format: cat
>                    PAM support: no
>             KerberosIV support: no
>                    AFS support: no
>                  S/KEY support: no
>           TCP Wrappers support: yes
>           MD5 password support: no
>    IP address in $DISPLAY hack: no
>       Use IPv4 by default hack: no
>        Translate v4 in v6 hack: no
> 
>               Host: i586-pc-sco3.2v5.0.4
>           Compiler: cc
>     Compiler flags: -g
> Preprocessor flags:  -I/usr/local/include -I/usr/local/ssl/include
>       Linker flags:  -L/usr/local/lib -L/usr/local/ssl/lib
>          Libraries: -lwrap -lz -lsocket  -lprot -lx -ltinfo -lm -lgen  -lcrypto
> 
> WARNING: you are using the builtin random number collection service.
> Please read WARNING.RNG and request that your OS vendor includes
> /dev/random in future versions of their OS.
> 
> sftp-server will be disabled.  Your compiler does not support
> 64bit integers.
> 
> > 
> > On Wed, 21 Feb 2001, Sam Vaughan wrote:
> > 
> > > 
> > > On Wed, 21 Feb 2001 mouring at etoh.eviladmin.org wrote:
> > >   
> > > >
> > > > Can you resend that patch?  It was managed in deliever and does not
> > > > apply against the current CVS tree.
> > > >
> > > > Thanks
> > > >
> > > > - Ben
> > > >
> > > 
> > > No problem, here is a patch for the CVS tree that I grabbed this
> > > morning. 
> > > 
> > > Sam
> > > 
> > > *** openssh_cvs/session.c Tue Feb 20 21:53:33 2001
> > > --- openssh_cvs_patch/session.c Wed Feb 21 11:03:24 2001
> > > ***************
> > > *** 1071,1076 ****
> > >                         }
> > >   #endif
> > >   # else /* HAVE_LOGIN_CAP */
> > >                         if (setlogin(pw->pw_name) < 0)
> > >                                 error("setlogin failed: %s",
> > > strerror(errno));
> > >                         if (setgid(pw->pw_gid) < 0) {
> > > --- 1071,1083 ----
> > >                         }
> > >   #endif
> > >   # else /* HAVE_LOGIN_CAP */
> > > + 
> > > + #if defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
> > > +                       /* Sets login uid for accounting */
> > > +                       if (getluid() == -1 && setluid(pw->pw_uid) == -1)
> > > +                               error("setluid: %s", strerror(errno));
> > > + #endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */
> > > + 
> > >                         if (setlogin(pw->pw_name) < 0)
> > >                                 error("setlogin failed: %s",
> > > strerror(errno));
> > >                         if (setgid(pw->pw_gid) < 0) {
> > > ***************
> > > *** 1122,1132 ****
> > >                 }
> > >   #endif /* HAVE_OSF_SIA */
> > >   
> > > - #if defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
> > > -       /* Sets login uid for accounting */
> > > -       if (getluid() == -1 && setluid(pw->pw_uid) == -1)
> > > -               error("setluid: %s", strerror(errno));
> > > - #endif /* defined(HAVE_GETLUID) && defined(HAVE_SETLUID) */
> > >   
> > >   #ifdef HAVE_CYGWIN
> > >                 if (is_winnt)
> > > --- 1129,1134 ----
> > >                 }
> > >   #endif /* HAVE_OSF_SIA */
> > >   
> > >   
> > >   #ifdef HAVE_CYGWIN
> > >                 if (is_winnt)
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > 
> > 
> 
> -- 
> Tim Rice				Multitalents	(707) 887-1469
> tim at multitalents.net
> 
>

More information about the openssh-unix-dev mailing list