patch: contrib/redhat/openssh.spec updates for privsep

Damien Miller djm at mindrot.org
Tue May 7 12:24:44 EST 2002


On Tue, 7 May 2002, Pekka Savola wrote:

> Hello!
> 
> Now that PrivSep stuff works for PAM too, I took the time to update 
> contrib/redhat/openssh.spec to create the sshd user and set up the 
> /var/empty dir when installing the packages.
> 
> These have been done the Red Hat style, the uid/gif 74 is currently free 
> in RHL.
> 
> The only minor issues I could think of were:
>  - I'm not sure if /var/empty should be owned by openssh-server package, 
> but rather a filesystems package or such..

Agreed - I was thinking of making it /var/run/empty until such time as
there is an officially blessed place for it.

> Is this even LSB compliant?

No idea :)

>  - do all of these 'useradd' options also work in some "ancient" versions 
> of RHL, like 5.2?

Since the spec won't build with rpm < 4.x I don't think that this is too
much of a problem.

I'll take a look at the patch itself when time permits, probably this 
weekend.

-d




More information about the openssh-unix-dev mailing list