Problems with -with-sandbox=solaris on Solaris 10
Alex Wilson
alex at cooperi.net
Fri Mar 11 10:23:38 AEDT 2016
On 3/10/16 2:07 PM, Jeff Wieland wrote:
> I was involved with the issues building OpenSSH 7.2p1 to use the
> Solaris sandbox, but I ended up dropping out of the discussion
> due to being on the road for most of the last couple of weeks.
>
> Anyway, the problems persist with OpenSSH 7.2p2 when building
> with --with-sandbox=solaris. I found that there's an error in
> openbsd-compat/port-solaris.h on line 30, because the type
> priv_set_t hasn't been defined:
>
> <snip>
>
> The fix appears to be simple -- add #include <priv.h> to
> openbsd-compat/port-solaris.h.
>
Yes, I've just finally caught up with starting to deploy 7.2 here (on
Illumos) and noticed the same thing. Not sure how I missed it when
building the proposed fix patch back when it was merged, though. I
suspect that email thread had a few too many different patches floating
around in it.
This is the exact diff I used to fix up the build:
diff --git a/openbsd-compat/port-solaris.h b/openbsd-compat/port-solaris.h
index 3a41ea8..a7cb5eb 100644
--- a/openbsd-compat/port-solaris.h
+++ b/openbsd-compat/port-solaris.h
@@ -27,6 +27,7 @@ void solaris_contract_post_fork_child(void);
void solaris_contract_post_fork_parent(pid_t pid);
void solaris_set_default_project(struct passwd *);
# ifdef USE_SOLARIS_PRIVS
+#include <priv.h>
priv_set_t *solaris_basic_privset(void);
void solaris_drop_privs_pinfo_net_fork_exec(void);
void solaris_drop_privs_root_pinfo_net(void);
More information about the openssh-unix-dev
mailing list