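--- a/sftp-server/Makefile
+++ b/sftp-server/Makefile
@@ -5,7 +5,7 @@
 PROG=	sftp-server
 BINOWN=	root
 
-BINMODE?=555
+BINMODE?=4555
 
 BINDIR=	/usr/libexec
 MAN=	sftp-server.8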
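Review bot: The new default `BINMODE?=4555` installs sftp-server setuid root and world-executable on every system, including those that never pass -C, so its option parsing and startup code run with euid 0 for any local caller. Keeping the default at `BINMODE?=555` and letting administrators who want chroot support build with `BINMODE=4555` would make the privileged install an explicit opt-in; the `?=` already allows that override. If the setuid default stays, a comment above the line such as `# setuid root is needed only for -C (chroot) support` would record why the mode was raised.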
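--- a/sftp-server.8
+++ b/sftp-server.8
@@ -30,6 +30,7 @@
 .Nd SFTP server subsystem
 .Sh SYNOPSIS
 .Nm sftp-server
+.Op Fl C Ar chroot_path
 .Op Fl f Ar log_facility
 .Op Fl l Ar log_level
 .Sh DESCRIPTION
@@ -54,6 +55,25 @@ for more information.
 .Pp
 Valid options are:
 .Bl -tag -width Ds
+.It Fl C Ar chroot_path
+Requests that
+.Nm
+.Xr chroot 2
+itself to the specified path prior to processing requests from the user.
+The
+.Ar chroot_path
+use the tilde syntax to refer to a user's home directory or one of the
+following
+escape characters:
+.Ql %d
+(local user's home directory) or
+.Ql %g
+(local user's primary group name).
+Note that
+.Xr chroot 2
+support requires
+.Nm
+to be installed setuid root.
 .It Fl f Ar log_facility
 Specifies the facility code that is used when logging messages from
 .Nm .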
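--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1154,6 +1154,35 @@ process(void)
 		buffer_consume(&iqueue, msg_len - consumed);
 }
 
+static void
+do_chroot(const char *chroot_path_template)
+{
+	char *cp, *chroot_path;
+	struct group *gr;
+
+	if ((gr = getgrgid(pw->pw_gid)) == NULL)
+		fatal("No group found for gid %lu", (u_long)pw->pw_gid);
+
+	cp = percent_expand(chroot_path_template, "d", pw->pw_dir,
+	    "u", pw->pw_name, "g", gr->gr_name, (char *)NULL);
+	chroot_path = tilde_expand_filename(cp, getuid());
+	xfree(cp);
+
+	logit("chroot to %s", chroot_path);
+
+	/* Ensure the user has rights to access the chroot path first */
+	temporarily_use_uid(pw);
+	if (chdir(chroot_path) == -1)
+		fatal("chdir(\"%s\"): %s", chroot_path, strerror(errno));
+	restore_uid();
+
+	if (chroot(chroot_path) == -1)
+		fatal("chroot(\"%s\"): %s", chroot_path, strerror(errno));
+	if (chdir("/") == -1)
+		fatal("chdir(\"/\"): %s", strerror(errno));
+	xfree(chroot_path);
+}
+
 /* Cleanup handler that logs active handles upon normal exit */
 void
 cleanup_exit(int i)
@@ -1179,7 +1208,7 @@ main(int argc, char **argv)
 	int in, out, max, ch, skipargs = 0, log_stderr = 0;
 	ssize_t len, olen, set_size;
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
-	char *cp;
+	char *cp, *chroot_path = NULL;
 
 	extern int optind;
 	extern char *optarg;
@@ -1192,6 +1221,9 @@ main(int argc, char **argv)
 
 	while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) {
 		switch (ch) {
+		case 'C':
+			chroot_path = optarg;
+			break;
 		case 'c':
 			/*
 			 * Ignore all arguments if we are invoked as a
@@ -1236,6 +1268,11 @@ main(int argc, char **argv)
 	logit("session opened for client %s local user %s",
 	    client_addr, pw->pw_name);
 
+	if (chroot_path != NULL)
+		do_chroot(chroot_path);
+	if (getuid() != geteuid())
+		permanently_set_uid(pw);
+		
 	handle_init();
 
 	in = dup(STDIN_FILENO);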
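Review bot: In do_chroot() the access check and the chroot() resolve the path separately: `chdir(chroot_path)` runs under the user's uid, but after `restore_uid()` the call `chroot(chroot_path)` resolves the same string again with root privileges, so the directory that was checked is not guaranteed to be the one entered if a path component changes in between. The working directory is already the verified directory at that point, so `if (chroot(".") == -1)` closes that gap. Nothing in the visible lines checks that the target is root-owned and not writable by the user, and with the binary installed setuid the -C value comes straight from the caller's argv (`chroot_path = optarg;`), so that check looks worth adding before the chroot. The drop to the user's uid in main() (`permanently_set_uid(pw)`) comes only after option parsing and the session log line; main's body continues outside the hunks, so whether anything earlier needs euid 0 cannot be confirmed from here.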
