Patch: Solaris packages don't create privsep user or group
David Williams
d_wllms at lanl.gov
Tue Jul 16 08:13:41 EST 2002
Hi,
Hopefully this doesn't seem like hair-splitting but I'd like to suggest
the following additions to Darren's patch. This allows for the option
of turning off priv_sep at package build time:
Index: openssh/contrib/solaris/buildpkg.sh
===================================================================
RCS file: /cvs/openssh/contrib/solaris/buildpkg.sh,v
retrieving revision 1.6
diff -u -r1.6 buildpkg.sh
--- openssh/contrib/solaris/buildpkg.sh 15 Jul 2002 18:49:21 -0000
1.6
+++ openssh/contrib/solaris/buildpkg.sh 15 Jul 2002 22:06:25 -0000
@@ -23,6 +23,7 @@
# uncomment these next two as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
+#USE_PRIVSEP=no
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc \
@@ -140,6 +141,9 @@
$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ] && \
perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
+ $FAKE_ROOT/${sysconfdir}/sshd_config
+[ "${USE_PRIVSEP}" = no ] && \
+ perl -p -i -e "s/#UsePrivilegeSeparation
yes/UsePrivilegeSeparation no/" \
$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
--
David M. Williams, CISSP Phone: 505-665-5021
Systems Engineer, CCN-2 Fax: 505-667-7428
Los Alamos National Laboratory Email: d_wllms at lanl.gov
More information about the openssh-unix-dev
mailing list