Bugzilla – Attachment 922 Details for
Bug 1045
Missing option for ignoring the /etc/nologin file
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch
openssh-4.0p1-ignore-nologin.patch (text/plain), 3.61 KB, created by
Tomas Mraz
on 2005-05-25 23:49:13 AEST
(
hide
)
Description:
Proposed patch
Filename:
MIME Type:
Creator:
Tomas Mraz
Created:
2005-05-25 23:49:13 AEST
Size:
3.61 KB
patch
obsolete
>--- openssh-4.0p1/sshd_config.5.ignore-nologin 2005-05-25 10:41:27.000000000 +0200 >+++ openssh-4.0p1/sshd_config.5 2005-05-25 15:22:34.829531980 +0200 >@@ -307,6 +307,12 @@ > or > .Dq rsa > are used for version 2 of the SSH protocol. >+.It Cm IgnoreNologin >+Specifies that existence of >+.Pa /etc/nologin >+file will not disable login access for users. >+The default is >+.Dq no . > .It Cm IgnoreRhosts > Specifies that > .Pa .rhosts >--- openssh-4.0p1/session.c.ignore-nologin 2005-05-25 10:41:27.000000000 +0200 >+++ openssh-4.0p1/session.c 2005-05-25 15:34:23.109765924 +0200 >@@ -1236,6 +1236,9 @@ > FILE *f = NULL; > char buf[1024]; > >+ if (options.ignore_nologin) >+ return; >+ > #ifdef HAVE_LOGIN_CAP > if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid) > f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN, >--- openssh-4.0p1/sshd_config.0.ignore-nologin 2005-05-25 10:41:27.000000000 +0200 >+++ openssh-4.0p1/sshd_config.0 2005-05-25 15:20:17.739391877 +0200 >@@ -174,6 +174,10 @@ > key files. ``rsa1'' keys are used for version 1 and ``dsa'' or > ``rsa'' are used for version 2 of the SSH protocol. > >+ IgnoreNologin >+ Specifies that existence of /etc/nologin file will not disable >+ login access for users. The default is ``no''. >+ > IgnoreRhosts > Specifies that .rhosts and .shosts files will not be used in > RhostsRSAAuthentication or HostbasedAuthentication. >--- openssh-4.0p1/servconf.h.ignore-nologin 2005-05-25 10:41:27.000000000 +0200 >+++ openssh-4.0p1/servconf.h 2005-05-25 15:27:25.462190167 +0200 >@@ -52,6 +52,7 @@ > * (sec). */ > int key_regeneration_time; /* Server key lifetime (seconds). */ > int permit_root_login; /* PERMIT_*, see above */ >+ int ignore_nologin; /* Ignore /etc/nologin */ > int ignore_rhosts; /* Ignore .rhosts and .shosts. */ > int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts > * for RhostsRsaAuth */ >--- openssh-4.0p1/servconf.c.ignore-nologin 2005-05-25 10:41:27.468744000 +0200 >+++ openssh-4.0p1/servconf.c 2005-05-25 15:30:29.186963912 +0200 >@@ -50,6 +50,7 @@ > options->login_grace_time = -1; > options->key_regeneration_time = -1; > options->permit_root_login = PERMIT_NOT_SET; >+ options->ignore_nologin = -1; > options->ignore_rhosts = -1; > options->ignore_user_known_hosts = -1; > options->print_motd = -1; >@@ -143,6 +144,8 @@ > options->key_regeneration_time = 3600; > if (options->permit_root_login == PERMIT_NOT_SET) > options->permit_root_login = PERMIT_YES; >+ if (options->ignore_nologin == -1) >+ options->ignore_nologin = 0; > if (options->ignore_rhosts == -1) > options->ignore_rhosts = 1; > if (options->ignore_user_known_hosts == -1) >@@ -263,7 +266,7 @@ > sKerberosTgtPassing, sChallengeResponseAuthentication, > sPasswordAuthentication, sKbdInteractiveAuthentication, > sListenAddress, sAddressFamily, >- sPrintMotd, sPrintLastLog, sIgnoreRhosts, >+ sPrintMotd, sPrintLastLog, sIgnoreNologin, sIgnoreRhosts, > sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, > sStrictModes, sEmptyPasswd, sTCPKeepAlive, > sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, >@@ -343,6 +346,7 @@ > { "addressfamily", sAddressFamily }, > { "printmotd", sPrintMotd }, > { "printlastlog", sPrintLastLog }, >+ { "ignorenologin", sIgnoreNologin }, > { "ignorerhosts", sIgnoreRhosts }, > { "ignoreuserknownhosts", sIgnoreUserKnownHosts }, > { "x11forwarding", sX11Forwarding }, >@@ -620,6 +624,9 @@ > if (*intptr == -1) > *intptr = value; > break; >+ case sIgnoreNologin: >+ intptr = &options->ignore_nologin; >+ goto parse_flag; > > case sIgnoreUserKnownHosts: > intptr = &options->ignore_user_known_hosts;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=922">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1045
: 922 |
981