upstream: it's no longer possible to disable privilege separation

in sshd, so don't double the tests' work by trying both off/on OpenBSD-Regress-ID: d366665466dbd09e9b707305da884be3e7619c68
2019-12-11 18:47:14 +00:00 · 2019-12-11 18:47:14 +00:00 · a7fc1df246
parent 3145d38ea0
commit a7fc1df246
5 changed files with 12 additions and 12 deletions
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@ -1,4 +1,4 @@
-#	$OpenBSD: cert-hostkey.sh,v 1.20 2019/11/26 23:43:10 djm Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.21 2019/12/11 18:47:14 djm Exp $
 #	Placed in the Public Domain.

 tid="certified host keys"
@ -131,7 +131,7 @@ attempt_connect() {
 }

 # Basic connect and revocation tests.
-for privsep in yes sandbox ; do
+for privsep in yes ; do
 	for ktype in $PLAIN_TYPES ; do
 		verbose "$tid: host ${ktype} cert connect privsep $privsep"
 		(
@ -169,7 +169,7 @@ for ktype in $PLAIN_TYPES ; do
 	kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
 done
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for privsep in yes sandbox ; do
+for privsep in yes ; do
 	for ktype in $PLAIN_TYPES ; do
 		verbose "$tid: host ${ktype} revoked cert privsep $privsep"
 		(
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@ -1,4 +1,4 @@
-#	$OpenBSD: cert-userkey.sh,v 1.23 2019/11/26 23:43:10 djm Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.24 2019/12/11 18:47:14 djm Exp $
 #	Placed in the Public Domain.

 tid="certified user keys"
@ -60,7 +60,7 @@ done
 # Test explicitly-specified principals
 for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
 	t=$(kname $ktype)
-	for privsep in yes sandbox ; do
+	for privsep in yes ; do
 		_prefix="${ktype} privsep $privsep"

 		# Setup for AuthorizedPrincipalsFile
@ -197,7 +197,7 @@ basic_tests() {

 	for ktype in $PLAIN_TYPES ; do
 		t=$(kname $ktype)
-		for privsep in yes no ; do
+		for privsep in yes ; do
 			_prefix="${ktype} privsep $privsep $auth"
 			# Simple connect
 			verbose "$tid: ${_prefix} connect"
--- a/regress/hostkey-agent.sh
+++ b/regress/hostkey-agent.sh
@ -1,4 +1,4 @@
-#	$OpenBSD: hostkey-agent.sh,v 1.9 2019/11/26 23:43:10 djm Exp $
+#	$OpenBSD: hostkey-agent.sh,v 1.10 2019/12/11 18:47:14 djm Exp $
 #	Placed in the Public Domain.

 tid="hostkey agent"
@ -30,7 +30,7 @@ cp $OBJ/known_hosts.orig $OBJ/known_hosts

 unset SSH_AUTH_SOCK

-for ps in no yes; do
+for ps in yes; do
 	for k in `${SSH} -Q key-plain | filter_sk` ; do
 		verbose "key type $k privsep=$ps"
 		cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
--- a/regress/multipubkey.sh
+++ b/regress/multipubkey.sh
@ -1,4 +1,4 @@
-#	$OpenBSD: multipubkey.sh,v 1.2 2018/10/31 11:09:27 dtucker Exp $
+#	$OpenBSD: multipubkey.sh,v 1.3 2019/12/11 18:47:14 djm Exp $
 #	Placed in the Public Domain.

 tid="multiple pubkey"
@ -31,7 +31,7 @@ grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy
 opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
 opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2"

-for privsep in yes sandbox ; do
+for privsep in yes ; do
 	(
 		grep -v "Protocol"  $OBJ/sshd_proxy.orig
 		echo "Protocol 2"
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@ -1,4 +1,4 @@
-#	$OpenBSD: principals-command.sh,v 1.8 2019/11/01 01:55:41 djm Exp $
+#	$OpenBSD: principals-command.sh,v 1.10 2019/12/11 18:47:14 djm Exp $
 #	Placed in the Public Domain.

 tid="authorized principals command"
@ -63,7 +63,7 @@ fi

 if [ -x $PRINCIPALS_COMMAND ]; then
 	# Test explicitly-specified principals
-	for privsep in yes sandbox ; do
+	for privsep in yes ; do
 		_prefix="privsep $privsep"

 		# Setup for AuthorizedPrincipalsCommand