Bugzilla – Attachment 114 Details for
Bug 261
AIX capabilities + port-aix.c cleanup
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Would the following be acceptable version of this patch?
setpcred_patch.htm (text/plain), 7.03 KB, created by
Ben Lindstrom
on 2002-06-14 05:55:41 AEST
(
hide
)
Description:
Would the following be acceptable version of this patch?
Filename:
MIME Type:
Creator:
Ben Lindstrom
Created:
2002-06-14 05:55:41 AEST
Size:
7.03 KB
patch
obsolete
><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> ><!-- saved from url=(0048)http://www.eviladmin.org/~mouring/setpcred.patch --> ><HTML><HEAD> ><META http-equiv=Content-Type content="text/html; charset=windows-1252"> ><META content="MSHTML 6.00.2716.2200" name=GENERATOR></HEAD> ><BODY><PRE>? xx >Index: configure.ac >=================================================================== >RCS file: /var/cvs/openssh/configure.ac,v >retrieving revision 1.66 >diff -u -r1.66 configure.ac >--- configure.ac 12 Jun 2002 16:57:15 -0000 1.66 >+++ configure.ac 13 Jun 2002 19:50:44 -0000 >@@ -571,9 +571,9 @@ > mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \ > realpath recvmsg rresvport_af sendmsg setdtablesize setegid \ > setenv seteuid setgroups setlogin setproctitle setresgid setreuid \ >- setrlimit setsid setvbuf sigaction sigvec snprintf socketpair \ >- strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp truncate \ >- utimes vhangup vsnprintf waitpid __b64_ntop _getpty) >+ setrlimit setsid setpcred setvbuf sigaction sigvec snprintf >+ socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp >+ truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty) > > dnl IRIX and Solaris 2.5.1 have dirname() in libgen > AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[ >@@ -620,11 +620,6 @@ > dnl Checks for utmpx functions > AC_CHECK_FUNCS(endutxent getutxent getutxid getutxline pututxline ) > AC_CHECK_FUNCS(setutxent utmpxname) >- >-AC_CHECK_FUNC(getuserattr, >- [AC_DEFINE(HAVE_GETUSERATTR)], >- [AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])] >-) > > AC_CHECK_FUNC(daemon, > [AC_DEFINE(HAVE_DAEMON)], >Index: session.c >=================================================================== >RCS file: /var/cvs/openssh/session.c,v >retrieving revision 1.200 >diff -u -r1.200 session.c >--- session.c 11 Jun 2002 16:42:49 -0000 1.200 >+++ session.c 13 Jun 2002 19:50:57 -0000 >@@ -1153,9 +1153,9 @@ > #else /* HAVE_CYGWIN */ > if (getuid() == 0 || geteuid() == 0) { > #endif /* HAVE_CYGWIN */ >-#ifdef HAVE_GETUSERATTR >- set_limits_from_userattr(pw->pw_name); >-#endif /* HAVE_GETUSERATTR */ >+#ifdef HAVE_SETPCRED >+ setpcred(pw->pw_name); >+#endif /* HAVE_SETPCRED */ > #ifdef HAVE_LOGIN_CAP > if (setusercontext(lc, pw, pw->pw_uid, > (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { >Index: openbsd-compat/port-aix.c >=================================================================== >RCS file: /var/cvs/openssh/openbsd-compat/port-aix.c,v >retrieving revision 1.2 >diff -u -r1.2 port-aix.c >--- openbsd-compat/port-aix.c 24 Feb 2002 20:25:47 -0000 1.2 >+++ openbsd-compat/port-aix.c 13 Jun 2002 19:50:57 -0000 >@@ -2,103 +2,8 @@ > > #ifdef _AIX > >-#ifdef HAVE_USERSEC_H >-#include <usersec.h> >-#endif /* HAVE_USERSEC_H */ >- > #include <uinfo.h> > #include <../xmalloc.h> >- >-/* AIX limits */ >-#if defined(HAVE_GETUSERATTR) && !defined(S_UFSIZE_HARD) && defined(S_UFSIZE) >-# define S_UFSIZE_HARD S_UFSIZE "_hard" >-# define S_UCPU_HARD S_UCPU "_hard" >-# define S_UDATA_HARD S_UDATA "_hard" >-# define S_USTACK_HARD S_USTACK "_hard" >-# define S_URSS_HARD S_URSS "_hard" >-# define S_UCORE_HARD S_UCORE "_hard" >-# define S_UNOFILE_HARD S_UNOFILE "_hard" >-#endif >- >-#if defined(HAVE_GETUSERATTR) >-/* >- * AIX-specific login initialisation >- */ >-void >-set_limit(char *user, char *soft, char *hard, int resource, int mult) >-{ >- struct rlimit rlim; >- int slim, hlim; >- >- getrlimit(resource, &rlim); >- >- slim = 0; >- if (getuserattr(user, soft, &slim, SEC_INT) != -1) { >- if (slim < 0) { >- rlim.rlim_cur = RLIM_INFINITY; >- } else if (slim != 0) { >- /* See the wackiness below */ >- if (rlim.rlim_cur == slim * mult) >- slim = 0; >- else >- rlim.rlim_cur = slim * mult; >- } >- } >- hlim = 0; >- if (getuserattr(user, hard, &hlim, SEC_INT) != -1) { >- if (hlim < 0) { >- rlim.rlim_max = RLIM_INFINITY; >- } else if (hlim != 0) { >- rlim.rlim_max = hlim * mult; >- } >- } >- >- /* >- * XXX For cpu and fsize the soft limit is set to the hard limit >- * if the hard limit is left at its default value and the soft limit >- * is changed from its default value, either by requesting it >- * (slim == 0) or by setting it to the current default. At least >- * that's how rlogind does it. If you're confused you're not alone. >- * Bug or feature? AIX 4.3.1.2 >- */ >- if ((!strcmp(soft, "fsize") || !strcmp(soft, "cpu")) >- && hlim == 0 && slim != 0) >- rlim.rlim_max = rlim.rlim_cur; >- /* A specified hard limit limits the soft limit */ >- else if (hlim > 0 && rlim.rlim_cur > rlim.rlim_max) >- rlim.rlim_cur = rlim.rlim_max; >- /* A soft limit can increase a hard limit */ >- else if (rlim.rlim_cur > rlim.rlim_max) >- rlim.rlim_max = rlim.rlim_cur; >- >- if (setrlimit(resource, &rlim) != 0) >- error("setrlimit(%.10s) failed: %.100s", soft, strerror(errno)); >-} >- >-void >-set_limits_from_userattr(char *user) >-{ >- int mask; >- char buf[16]; >- >- set_limit(user, S_UFSIZE, S_UFSIZE_HARD, RLIMIT_FSIZE, 512); >- set_limit(user, S_UCPU, S_UCPU_HARD, RLIMIT_CPU, 1); >- set_limit(user, S_UDATA, S_UDATA_HARD, RLIMIT_DATA, 512); >- set_limit(user, S_USTACK, S_USTACK_HARD, RLIMIT_STACK, 512); >- set_limit(user, S_URSS, S_URSS_HARD, RLIMIT_RSS, 512); >- set_limit(user, S_UCORE, S_UCORE_HARD, RLIMIT_CORE, 512); >-#if defined(S_UNOFILE) >- set_limit(user, S_UNOFILE, S_UNOFILE_HARD, RLIMIT_NOFILE, 1); >-#endif >- >- if (getuserattr(user, S_UMASK, &mask, SEC_INT) != -1) { >- /* Convert decimal to octal */ >- (void) snprintf(buf, sizeof(buf), "%d", mask); >- if (sscanf(buf, "%o", &mask) == 1) >- umask(mask); >- } >-} >-#endif /* defined(HAVE_GETUSERATTR) */ > > /* > * AIX has a "usrinfo" area where logname and >Index: openbsd-compat/port-aix.h >=================================================================== >RCS file: /var/cvs/openssh/openbsd-compat/port-aix.h,v >retrieving revision 1.3 >diff -u -r1.3 port-aix.h >--- openbsd-compat/port-aix.h 25 Feb 2002 15:48:04 -0000 1.3 >+++ openbsd-compat/port-aix.h 13 Jun 2002 19:50:57 -0000 >@@ -1,10 +1,5 @@ > #ifdef _AIX > >-#ifdef HAVE_GETUSERATTR >-void set_limit(char *user, char *soft, char *hard, int resource, int mult); >-void set_limits_from_userattr(char *user); >-#endif /* HAVE_GETUSERATTR */ >- > void aix_usrinfo(struct passwd *pw, char *tty, int ttyfd); > > #endif /* _AIX */ ></PRE></BODY></HTML>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=114">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 261
:
107
|
109
|
110
| 114