ProxyCommand not working if $SHELL not defined
Ben Lindstrom
mouring at eviladmin.org
Fri Sep 18 00:30:57 EST 2009
How does one get into a case where they are allowed to be logged in,
but they don't have a valid executable shell? This seems like a very
odd condition and one that shouldn't happen.
- Ben
On Sep 17, 2009, at 7:47 AM, Antonio Mignolli wrote:
> Ok, but the case with a not valid shell (non executable)
> is not covered.
> It is also a user (or sysadm) fault, though, if SHELL is not
> properly set.
>
> Bye.
>
> 2009/9/17 Damien Miller <djm at mindrot.org>:
>> On Thu, 17 Sep 2009, Antonio Mignolli wrote:
>>
>>> Maybe the mailing list cuts the attachments.
>>
>> Yes, we strip pretty much everything but text/plain to avoid spam and
>> malware.
>>
>>> patch.openssh-5.2p1.SHELLfix:
>>>
>>> 8<-----------------------------------------------------------------
>>> Common subdirectories: openssh-5.2p1/contrib and openssh-5.2p1.new/
>>> contrib
>>> diff -NupwB openssh-5.2p1/misc.c openssh-5.2p1.new/misc.c
>>> --- openssh-5.2p1/misc.c 2009-02-21 22:47:02.000000000 +0100
>>> +++ openssh-5.2p1.new/misc.c 2009-09-16 02:21:11.000000000 +0200
>>> @@ -849,3 +849,29 @@ ms_to_timeval(struct timeval *tv, int ms
>>> tv->tv_usec = (ms % 1000) * 1000;
>>> }
>>>
>>> +/*
>>> + * Get shell from env or use default '/bin/sh'
>>> + */
>>> +char *
>>> +get_shell_from_env()
>>
>> ...
>>
>> I think that this is quite overcomplicated. This is probably
>> sufficient.
>>
>> Index: sftp.c
>> ===================================================================
>> RCS file: /cvs/src/usr.bin/ssh/sftp.c,v
>> retrieving revision 1.111
>> diff -u -p -r1.111 sftp.c
>> --- sftp.c 18 Aug 2009 18:36:21 -0000 1.111
>> +++ sftp.c 17 Sep 2009 12:26:04 -0000
>> @@ -236,7 +236,7 @@ local_do_shell(const char *args)
>> if (!*args)
>> args = NULL;
>>
>> - if ((shell = getenv("SHELL")) == NULL)
>> + if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
>> shell = _PATH_BSHELL;
>>
>> if ((pid = fork()) == -1)
>> Index: sshconnect.c
>> ===================================================================
>> RCS file: /cvs/src/usr.bin/ssh/sshconnect.c,v
>> retrieving revision 1.214
>> diff -u -p -r1.214 sshconnect.c
>> --- sshconnect.c 28 May 2009 16:50:16 -0000 1.214
>> +++ sshconnect.c 17 Sep 2009 12:26:05 -0000
>> @@ -76,7 +76,7 @@ ssh_proxy_connect(const char *host, u_sh
>> pid_t pid;
>> char *shell, strport[NI_MAXSERV];
>>
>> - if ((shell = getenv("SHELL")) == NULL)
>> + if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
>> shell = _PATH_BSHELL;
>>
>> /* Convert the port number into a string. */
>> @@ -1148,7 +1148,7 @@ ssh_local_cmd(const char *args)
>> args == NULL || !*args)
>> return (1);
>>
>> - if ((shell = getenv("SHELL")) == NULL)
>> + if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
>> shell = _PATH_BSHELL;
>>
>> pid = fork();
>>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list