Socket forwarding with non existent remote directories

Jim Knoble jmknoble at pobox.com
Thu Oct 6 16:50:04 AEDT 2016


I'm not familiar enough with the syntax of RemoteForward to know which is the local socket and which the remote one, but if it's the remote end's directory that doesn't exist, that can be harder. Edge cases like:

- The containing file system usually exists, but is not mounted at the time of login.
- There is an error in expansion of the value (for example, the user's home directory was inadvertently reset in /etc/passwd, or the service that backs it gave a bad answer). 
- The directory exists, but cannot be stat()ed due to permissions (e.g., /var/run/user is mode 0111). 

Should sshd attempt to create the containing directory in those cases?

Perhaps a better approach would be to find a way to use PAM or login scripts to create the needed directory where appropriate?

-- 
jim knoble


> On Oct 5, 2016, at 15:31, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> 
>> On Wed 2016-10-05 15:32:36 -0400, Andre Heinecke wrote:
>> In my opinion OpenSSH should create the parent directories of
>> RemoteForwarded files if possible. Maybe as a configuration option?
>> Do you agree?
> 
> fwiw, i think this would be useful.  I could probably help Andre
> assemble a patch if there's no objection to the idea.
> 
>         --dkg
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
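
The login-script approach suggested in the message above, as an added example that is not part of the original thread or of OpenSSH: a POSIX shell function that prepares the directory for a forwarded socket and refuses in the edge cases listed (bad expansion, missing or unusable parent). The name `ensure_socket_dir` and its return codes are hypothetical, and it is assumed to run as the logging-in user before the forward is set up.

```shell
# Added example, not from the thread or from OpenSSH. ensure_socket_dir and
# its return codes are hypothetical. Run as the logging-in user, e.g. from a
# login script, before a forwarded socket is bound inside the directory.
ensure_socket_dir() {
    dir=$1
    # Bad expansion (empty or relative value, e.g. a broken home directory).
    case $dir in
        /*) ;;
        *) echo "refusing non-absolute path: '$dir'" >&2; return 2 ;;
    esac
    dir=${dir%/}
    parent=${dir%/*}
    [ -n "$parent" ] || parent=/
    # Create only the last component. A missing parent may mean the file
    # system is not mounted; an unsearchable one cannot be checked safely.
    if [ ! -d "$parent" ] || [ ! -x "$parent" ]; then
        echo "parent missing or not searchable: $parent" >&2; return 3
    fi
    # mkdir without -p is atomic and fails if anything already has the name.
    if mkdir -m 700 "$dir" 2>/dev/null; then
        return 0
    fi
    # Creation failed: accept an existing entry only if it is a real
    # directory (not a symlink), owned by us, not group- or world-writable.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "cannot create, or not a plain directory: $dir" >&2; return 4
    fi
    ok=$(find "$dir" -prune -user "$(id -u)" ! -perm -020 ! -perm -002 -print)
    if [ -z "$ok" ]; then
        echo "wrong owner or too-permissive mode: $dir" >&2; return 4
    fi
    return 0
}
```

Because only the final component is created, a home directory whose file system is not mounted produces a refusal rather than a directory on the underlying mount point.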


