SSH_PRIVSEP_USER configurable at runtime?
Corinna Vinschen
vinschen at redhat.com
Wed Apr 2 23:44:28 EST 2014
On Apr 2 13:37, Peter Stuge wrote:
> Corinna Vinschen wrote:
> > On non-domain machines the account
> > name will be "sshd", not "${machine}+sshd". Except if the admin
> > specifies that the domain is always prepended, which makes it
> > "${machine}+sshd" again. And if the admin specifies the separator char
> > to be not '+' but, for instance '#', the account name will be
> > "${machine}#sshd".
> >
> > All that knowledge would have to go into sshd.c.
>
> FWIW I think this is the right solution.
Hmm. Come to think of it, SSH_PRIVSEP_USER could be defined as a macro
calling a function which returns the username. And configure.ac could
define SSH_PRIVSEP_USER as, say, cygwin_privsep_user() by default, when
built for Cygwin so the ugly details could be hidden in bsd-cygwin_util.c.
The Cygwin changes are still in an early stage of testing, but I'll
come back to this.
Corinna
--
Corinna Vinschen
Cygwin Maintainer
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140402/e7608f54/attachment.bin>
More information about the openssh-unix-dev
mailing list