[PATCH] Use login_getpwclass() instead of login_getclass() so that the root vs. default login class distinction is made correctly.

Ed Maste emaste at freebsd.org
Sat Feb 20 12:20:15 AEDT 2021


On Wed, 17 Feb 2021 at 19:10, Damien Miller <djm at mindrot.org> wrote:
>
> On Mon, 15 Feb 2021, Ed Maste wrote:
>
> > From: Brian Feldman <green at FreeBSD.org>
> >
> > From FreeBSD 885a59f2e067 by Brian Feldman <green at FreeBSD.org>.
> >
> > Details in FreeBSD PR 37416 https://bugs.freebsd.org/37416 - summary:
> >
> > > sshd uses the "default" login class for users with uid=0 instead of
> > > the "root" login class when setting up the user's session.
> > > ...
> diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
> index 50bac587..542ae58d 100644
> --- a/openbsd-compat/openbsd-compat.h
> +++ b/openbsd-compat/openbsd-compat.h
> @@ -48,6 +48,10 @@
>  #include "blf.h"
>  #include "fnmatch.h"
>
> +#if defined(HAVE_LOGIN_CAP) && !defined(HAVE_LOGIN_GETPWCLASS)
> +# define login_getpwclass(pw) login_getclass(pw->pw_class)
> +#endif
> +
>  #ifndef HAVE_BASENAME
>  char *basename(const char *path);
>  #endif

LGTM

Not sure if you want to move the openbsd-compat.h hunk to follow
HAVE_GETCWD, keeping them in alphabeticalish order?


More information about the openssh-unix-dev mailing list