[Chrootssh-users] patch-chrootssh-openssh-4.1-openbsd-3.7

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

You are still an alternavie to chrsh.c ;)

# cat >patch-chrootssh-openssh-4.1-openbsd-3.7=20
<<EOF_patch-chrootssh-openssh-4.1-openbsd-3.7

--- /usr/src/usr.bin/ssh/session.c      Tue Aug  9 11:42:11 2005
+++ /usr/src/usr.bin/ssh/session.c.chrootssh    Tue Aug  9 11:41:18 2005
@@ -58,6 +58,8 @@
 #include "session.h"
 #include "monitor_wrap.h"

+#define CHROOT
+
 #ifdef KRB5
 #include <kafs.h>
 #endif
@@ -996,7 +998,33 @@
 void
 do_setusercontext(struct passwd *pw)
 {
+
+#ifdef CHROOT
+       char *user_dir;
+       char *new_root;
+#endif /* CHROOT */
+
        if (getuid() =3D=3D 0 || geteuid() =3D=3D 0) {
+#ifdef CHROOT
+        debug("CHROOT: Enter in chroot patch");
+
+        user_dir =3D xstrdup(pw->pw_dir);
+        new_root =3D user_dir + 1;
+
+        while((new_root =3D strchr(new_root, '.')) !=3D NULL) {
+        new_root--;
+                if(strncmp(new_root, "/./", 3) =3D=3D 0) {
+                        *new_root =3D '\0';
+                        new_root +=3D 2;
+                        debug("CHROOT: Do chroot on %s",user_dir);
+                        if(chroot(user_dir) !=3D 0)
+                                fatal("Couldn't chroot to user's=20
directory %s",user_dir);
+                        pw->pw_dir =3D new_root;
+                        break;
+                }
+                new_root +=3D 2;
+        }
+#endif /* CHROOT */
 #ifdef HAVE_LOGIN_CAP
                if (setusercontext(lc, pw, pw->pw_uid,
                    (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
@@ -1016,13 +1044,14 @@
                        exit(1);
                }
                endgrent();
-
                /* Permanently switch to the desired uid. */
                permanently_set_uid(pw);
 #endif
+
        }
        if (getuid() !=3D pw->pw_uid || geteuid() !=3D pw->pw_uid)
                fatal("Failed to set uids to %u.", (u_int) pw->pw_uid);
+
 }

 static void
EOF_patch-chroot-openssh-4.1-openbsd-3.7
################
# patch -p0 <patch-chrootssh-openssh-4.1-openbsd-3.7

--=20

**************************************************
Sylvain MAURIN - Admin.Sys.
Institut des Sciences Cognitives
UMR 5015 CNRS-Universit=E9 Claude Bernard Lyon 1
67, boulevard Pinel  69675 BRON cedex
Tel: +33 437911218  --  Cel: +33 612399929
Mail: syl...@is...
**************************************************




