Bugzilla – Attachment 1346 Details for
Bug 177
provide chroot option for sftp-server
[patch]
Updated chroot patch for OpenSSH 4.7_p1
sftp-server-chroot-4.7_p1.patch (text/plain), 3.24 KB, created by
Joshua Pettett
on 2007-09-11 08:09:33 AEST
Description:
Updated chroot patch for OpenSSH 4.7_p1
Creator:
Joshua Pettett
Created:
2007-09-11 08:09:33 AEST
Size:
3.24 KB
patch
obsolete
>Index: sftp-server.8
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sftp-server.8,v
>retrieving revision 1.11
>diff -u -p -r1.11 sftp-server.8
>--- sftp-server.8 6 Jul 2006 10:47:57 -0000 1.11
>+++ sftp-server.8 9 Nov 2006 15:35:13 -0000
>@@ -30,6 +30,7 @@
> .Nd SFTP server subsystem
> .Sh SYNOPSIS
> .Nm sftp-server
>+.Op Fl C Ar chroot_path
> .Op Fl f Ar log_facility
> .Op Fl l Ar log_level
> .Sh DESCRIPTION
>@@ -54,6 +55,25 @@ for more information.
> .Pp
> Valid options are:
> .Bl -tag -width Ds
>+.It Fl C Ar chroot_path
>+Requests that
>+.Nm
>+.Xr chroot 2
>+itself to the specified path prior to processing requests from the user.
>+The
>+.Ar chroot_path
>+use the tilde syntax to refer to a user's home directory or one of the
>+following
>+escape characters:
>+.Ql %d
>+(local user's home directory) or
>+.Ql %g
>+(local user's primary group name).
>+Note that
>+.Xr chroot 2
>+support requires
>+.Nm
>+to be installed setuid root.
> .It Fl f Ar log_facility
> Specifies the facility code that is used when logging messages from
> .Nm .
>Index: sftp-server.c
>===================================================================
>--- sftp-server.c.orig 2007-05-20 01:09:05.000000000 -0400
>+++ sftp-server.c 2007-09-08 17:17:34.000000000 -0400
>@@ -32,6 +32,7 @@
> #include <stdio.h>
> #include <string.h>
> #include <pwd.h>
>+#include <grp.h>
> #include <time.h>
> #include <unistd.h>
> #include <stdarg.h>
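Review bot: The option description lists only `%d` and `%g`, but do_chroot in the sftp-server.c hunk also expands `%u` to the local user's name, so the manual page omits one of the accepted escapes; add `.Ql %u` `(local user's name) or` before the `.Ql %g` entry. The sentence beginning `The .Ar chroot_path use the tilde syntax` is missing its verb; `may use the tilde syntax` reads correctly. It would also help to state what the setuid-root remark implies for the target directory, namely that it should be owned by root and not writable by the user, since the code in the do_chroot hunk does not verify that itself.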
>@@ -1185,6 +1186,35 @@ process(void)
> buffer_consume(&iqueue, msg_len - consumed);
> }
>
>+static void
>+do_chroot(const char *chroot_path_template)
>+{
>+ char *cp, *chroot_path;
>+ struct group *gr;
>+
>+ if ((gr = getgrgid(pw->pw_gid)) == NULL)
>+ fatal("No group found for gid %lu", (u_long)pw->pw_gid);
>+
>+ cp = percent_expand(chroot_path_template, "d", pw->pw_dir,
>+ "u", pw->pw_name, "g", gr->gr_name, (char *)NULL);
>+ chroot_path = tilde_expand_filename(cp, getuid());
>+ xfree(cp);
>+
>+ logit("chroot to %s", chroot_path);
>+
>+ /* Ensure the user has rights to access the chroot path first */
>+ temporarily_use_uid(pw);
>+ if (chdir(chroot_path) == -1)
>+ fatal("chdir(\"%s\"): %s", chroot_path, strerror(errno));
>+ restore_uid();
>+
>+ if (chroot(chroot_path) == -1)
>+ fatal("chroot(\"%s\"): %s", chroot_path, strerror(errno));
>+ if (chdir("/") == -1)
>+ fatal("chdir(\"/\"): %s", strerror(errno));
>+ xfree(chroot_path);
>+}
>+
> /* Cleanup handler that logs active handles upon normal exit */
> void
> cleanup_exit(int i)
>@@ -1214,7 +1244,7 @@ main(int argc, char **argv)
> int in, out, max, ch, skipargs = 0, log_stderr = 0;
> ssize_t len, olen, set_size;
> SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
>- char *cp, buf[4*4096];
>+ char *cp, buf[4*4096], *chroot_path = NULL;
>
> extern char *optarg;
> extern char *__progname;
>@@ -1227,6 +1257,9 @@ main(int argc, char **argv)
>
> while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
> switch (ch) {
>+ case 'C':
>+ chroot_path = optarg;
>+ break;
> case 'c':
> /*
> * Ignore all arguments if we are invoked as a
>@@ -1271,6 +1304,11 @@ main(int argc, char **argv)
> logit("session opened for local user %s from [%s]",
> pw->pw_name, client_addr);
>
>+ if (chroot_path != NULL)
>+ do_chroot(chroot_path);
>+ if (getuid() != geteuid())
>+ permanently_set_uid(pw);
>+
> handle_init();
>
> in = dup(STDIN_FILENO);
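Review bot: do_chroot checks accessibility by running chdir(chroot_path) as the user but then calls chroot(chroot_path) as root, so the path is resolved a second time under different credentials, and nothing verifies that the target directory and its parent components are owned by root and not group- or world-writable, which is the precondition for a chroot to confine an unprivileged user; the manual page's setuid-root remark does not cover this. Since the process is already inside the directory once the user-context chdir has succeeded, `if (chroot(".") == -1)` would confine to exactly the directory that was checked, and a root-ownership and mode check (stat of the directory, rejecting non-root ownership or a mode with S_IWGRP or S_IWOTH set) belongs before it. The following fatal() should keep naming the expanded path so the log stays useful: `fatal("chroot(\"%s\"): %s", chroot_path, strerror(errno));`. pw appears to be a file-scope variable; its definition is outside this hunk.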