Attachment #2737 for bug #2458




#endif

static int is_child = 0;
static int in_chroot = 0;

/* Name and directory of socket for authentication agent forwarding. */
static char *auth_sock_name = NULL;

do_setusercontext(struct passwd *pw)
{
	char *chroot_path, *tmp;
#ifdef USE_LIBIAF
	int doing_chroot = 0;
#endif

	platform_setusercontext(pw);



		platform_setusercontext_post_groups(pw);

		if (!in_chroot && options.chroot_directory != NULL &&
		    strcasecmp(options.chroot_directory, "none") != 0) {
                        tmp = tilde_expand_filename(options.chroot_directory,
			    pw->pw_uid);

			/* Make sure we don't attempt to chroot again */
			free(options.chroot_directory);
			options.chroot_directory = NULL;
			in_chroot = 1;
			doing_chroot = 1;
#endif
		}

#ifdef HAVE_LOGIN_CAP

		(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);
#else
# ifdef USE_LIBIAF
		/*
		 * In a chroot environment, the set_id() will always fail;
		 * typically because of the lack of necessary authentication
		 * services and runtime such as ./usr/lib/libiaf.so,
		 * ./usr/lib/libpam.so.1, and ./etc/passwd We skip it in the
		 * internal sftp chroot case.  We'll lose auditing and ACLs but
		 * permanently_set_uid will take care of the rest.
		 */
		if (!in_chroot && set_id(pw->pw_name) != 0)
			fatal("set_id(%s) Failed", pw->pw_name);
# endif /* USE_LIBIAF */
		/* Permanently switch to the desired uid. */
		permanently_set_uid(pw);

#ifdef HAVE_LOGIN_CAP
		r = login_getcapbool(lc, "requirehome", 0);
#endif
		if (r || !in_chroot) {
		    strcasecmp(options.chroot_directory, "none") == 0)
			fprintf(stderr, "Could not chdir to home "
			    "directory %s: %s\n", pw->pw_dir,
			    strerror(errno));
		}
		if (r)
			exit(1);
	}

Return to bug 2458

Lines 160-165 login_cap_t *lc; Link Here

(-)a/session.c (-19 / +15 lines)
160	#endif	160	#endif
161		161
162	static int is_child = 0;	162	static int is_child = 0;
		163	static int in_chroot = 0;
163		164
164	/* Name and directory of socket for authentication agent forwarding. */	165	/* Name and directory of socket for authentication agent forwarding. */
165	static char *auth_sock_name = NULL;	166	static char *auth_sock_name = NULL;
Lines 1490-1498 void Link Here
1490	do_setusercontext(struct passwd *pw)	1491	do_setusercontext(struct passwd *pw)
1491	{	1492	{
1492	char chroot_path, tmp;	1493	char chroot_path, tmp;
1493	#ifdef USE_LIBIAF
1494	int doing_chroot = 0;
1495	#endif
1496		1494
1497	platform_setusercontext(pw);	1495	platform_setusercontext(pw);
1498		1496
Lines 1520-1526 do_setusercontext(struct passwd *pw) Link Here
1520		1518
1521	platform_setusercontext_post_groups(pw);	1519	platform_setusercontext_post_groups(pw);
1522		1520
1523	if (options.chroot_directory != NULL &&	1521	if (!in_chroot && options.chroot_directory != NULL &&
1524	strcasecmp(options.chroot_directory, "none") != 0) {	1522	strcasecmp(options.chroot_directory, "none") != 0) {
1525	tmp = tilde_expand_filename(options.chroot_directory,	1523	tmp = tilde_expand_filename(options.chroot_directory,
1526	pw->pw_uid);	1524	pw->pw_uid);
Lines 1532-1540 do_setusercontext(struct passwd *pw) Link Here
1532	/* Make sure we don't attempt to chroot again */	1530	/* Make sure we don't attempt to chroot again */
1533	free(options.chroot_directory);	1531	free(options.chroot_directory);
1534	options.chroot_directory = NULL;	1532	options.chroot_directory = NULL;
1535	#ifdef USE_LIBIAF	1533	in_chroot = 1;
1536	doing_chroot = 1;
1537	#endif
1538	}	1534	}
1539		1535
1540	#ifdef HAVE_LOGIN_CAP	1536	#ifdef HAVE_LOGIN_CAP
Lines 1549-1564 do_setusercontext(struct passwd *pw) Link Here
1549	(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);	1545	(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);
1550	#else	1546	#else
1551	# ifdef USE_LIBIAF	1547	# ifdef USE_LIBIAF
1552	/* In a chroot environment, the set_id() will always fail; typically	1548	/*
1553	* because of the lack of necessary authentication services and runtime	1549	* In a chroot environment, the set_id() will always fail;
1554	* such as ./usr/lib/libiaf.so, ./usr/lib/libpam.so.1, and ./etc/passwd	1550	* typically because of the lack of necessary authentication
1555	* We skip it in the internal sftp chroot case.	1551	* services and runtime such as ./usr/lib/libiaf.so,
1556	* We'll lose auditing and ACLs but permanently_set_uid will	1552	* ./usr/lib/libpam.so.1, and ./etc/passwd We skip it in the
1557	* take care of the rest.	1553	* internal sftp chroot case. We'll lose auditing and ACLs but
1558	*/	1554	* permanently_set_uid will take care of the rest.
1559	if ((doing_chroot == 0) && set_id(pw->pw_name) != 0) {	1555	*/
1560	fatal("set_id(%s) Failed", pw->pw_name);	1556	if (!in_chroot && set_id(pw->pw_name) != 0)
1561	}	1557	fatal("set_id(%s) Failed", pw->pw_name);
1562	# endif /* USE_LIBIAF */	1558	# endif /* USE_LIBIAF */
1563	/* Permanently switch to the desired uid. */	1559	/* Permanently switch to the desired uid. */
1564	permanently_set_uid(pw);	1560	permanently_set_uid(pw);
Lines 1790-1800 do_child(Session s, const char command) Link Here
1790	#ifdef HAVE_LOGIN_CAP	1786	#ifdef HAVE_LOGIN_CAP
1791	r = login_getcapbool(lc, "requirehome", 0);	1787	r = login_getcapbool(lc, "requirehome", 0);
1792	#endif	1788	#endif
1793	if (r \|\| options.chroot_directory == NULL \|\|	1789	if (r \|\| !in_chroot) {
1794	strcasecmp(options.chroot_directory, "none") == 0)
1795	fprintf(stderr, "Could not chdir to home "	1790	fprintf(stderr, "Could not chdir to home "
1796	"directory %s: %s\n", pw->pw_dir,	1791	"directory %s: %s\n", pw->pw_dir,
1797	strerror(errno));	1792	strerror(errno));
		1793	}
1798	if (r)	1794	if (r)
1799	exit(1);	1795	exit(1);
1800	}	1796	}