Attachment #1917 for bug #1614

Lines 41-47 fi Link Here

(-)openssh-5.6p1/contrib/ssh-copy-id.selabel (-1 / +1 lines)
41	# strip any trailing colon	41	# strip any trailing colon
42	host=`echo $1 \| sed 's/:$//'`	42	host=`echo $1 \| sed 's/:$//'`
43		43
44	{ eval "$GET_ID" ; } \| ssh $host "umask 077; test -d ~/.ssh \|\| mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys" \|\| exit 1	44	{ eval "$GET_ID" ; } \| ssh $host "umask 077; test -d ~/.ssh \|\| mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys; test -x /sbin/restorecon && /sbin/restorecon ~/.ssh ~/.ssh/authorized_keys" \|\| exit 1
45		45
46	cat <<EOF	46	cat <<EOF
47	Now try logging into the machine, with "ssh '$host'", and check in:	47	Now try logging into the machine, with "ssh '$host'", and check in:

Lines 141-147 libssh.a: $(LIBSSH_OBJS) Link Here

(-)openssh-5.6p1/Makefile.in.selabel (-1 / +1 lines)
141	$(RANLIB) $@	141	$(RANLIB) $@
142		142
143	ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)	143	ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
144	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(LIBS)	144	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck -lselinux $(LIBS)
145		145
146	sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)	146	sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
147	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS)	147	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS)

Lines 74-79 Link Here

(-)openssh-5.6p1/ssh.c.selabel (-2 / +8 lines)
74	#include <openssl/err.h>	74	#include <openssl/err.h>
75	#include <openssl/fips.h>	75	#include <openssl/fips.h>
76	#include <fipscheck.h>	76	#include <fipscheck.h>
		77	#include <selinux/selinux.h>
77	#include "openbsd-compat/openssl-compat.h"	78	#include "openbsd-compat/openssl-compat.h"
78	#include "openbsd-compat/sys-queue.h"	79	#include "openbsd-compat/sys-queue.h"
79		80
Lines 848-857 main(int ac, char **av) Link Here
848	*/	849	*/
849	r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,	850	r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir,
850	strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);	851	strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR);
851	if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0)	852	if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) {
		853	char *scon;
		854
		855	matchpathcon(buf, 0700, &scon);
		856	setfscreatecon(scon);
852	if (mkdir(buf, 0700) < 0)	857	if (mkdir(buf, 0700) < 0)
853	error("Could not create directory '%.200s'.", buf);	858	error("Could not create directory '%.200s'.", buf);
854		859	setfscreatecon(NULL);
		860	}
855	/* load options.identity_files */	861	/* load options.identity_files */
856	load_public_identity_files();	862	load_public_identity_files();
857		863

Return to bug 1614