tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) Cache selinux status earlier so we know if it's enabled after a 

chroot.  Allows ChrootDirectory to work with selinux support compiled in
   but not enabled.  Using it with selinux enabled will require some selinux
   support inside the chroot.  "looks sane" djm@
This commit is contained in:
Darren Tucker 2008-03-27 07:27:20 +11:00
parent a193900674
commit b8eb586412
4 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -1,3 +1,9 @@
20080327
- (dtucker) Cache selinux status earlier so we know if it's enabled after a
chroot. Allows ChrootDirectory to work with selinux support compiled in
but not enabled. Using it with selinux enabled will require some selinux
support inside the chroot. "looks sane" djm@
20080315 20080315
- (djm) [regress/test-exec.sh] Quote putty-related variables in case they are - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
empty; report and patch from Peter Stuge empty; report and patch from Peter Stuge
@ -3765,4 +3771,4 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@ passwords between UnixWare and OpenServer they will still work. OK dtucker@
$Id: ChangeLog,v 1.4879 2008/03/15 06:27:58 djm Exp $ $Id: ChangeLog,v 1.4880 2008/03/26 20:27:20 dtucker Exp $

4
openbsd-compat/port-linux.c
View File

@ -1,4 +1,4 @@
/* $Id: port-linux.c,v 1.4 2007/06/27 22:48:03 djm Exp $ */ /* $Id: port-linux.c,v 1.5 2008/03/26 20:27:21 dtucker Exp $ */
/* /*
* Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@ -36,7 +36,7 @@
#include <selinux/get_context_list.h> #include <selinux/get_context_list.h>
/* Wrapper around is_selinux_enabled() to log its return value once only */ /* Wrapper around is_selinux_enabled() to log its return value once only */
static int int
ssh_selinux_enabled(void) ssh_selinux_enabled(void)
{ {
static int enabled = -1; static int enabled = -1;

3
openbsd-compat/port-linux.h
View File

@ -1,4 +1,4 @@
/* $Id: port-linux.h,v 1.1 2006/04/22 11:26:08 djm Exp $ */ /* $Id: port-linux.h,v 1.2 2008/03/26 20:27:21 dtucker Exp $ */
/* /*
* Copyright (c) 2006 Damien Miller <djm@openbsd.org> * Copyright (c) 2006 Damien Miller <djm@openbsd.org>
@ -20,6 +20,7 @@
#define _PORT_LINUX_H #define _PORT_LINUX_H
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
int ssh_selinux_enabled(void);
void ssh_selinux_setup_pty(char *, const char *); void ssh_selinux_setup_pty(char *, const char *);
void ssh_selinux_setup_exec_context(char *); void ssh_selinux_setup_exec_context(char *);
#endif #endif

5
session.c
View File

@ -1345,6 +1345,11 @@ do_setusercontext(struct passwd *pw)
{ {
char *chroot_path, *tmp; char *chroot_path, *tmp;
#ifdef WITH_SELINUX
/* Cache selinux status for later use */
(void)ssh_selinux_enabled();
#endif
#ifndef HAVE_CYGWIN #ifndef HAVE_CYGWIN
if (getuid() == 0 || geteuid() == 0) if (getuid() == 0 || geteuid() == 0)
#endif /* HAVE_CYGWIN */ #endif /* HAVE_CYGWIN */