| Summary: | Added project(4) support for Solaris 10 | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Cory Erickson <cory.erickson> | ||||||||
| Component: | sshd | Assignee: | Assigned to nobody <unassigned-bugs> | ||||||||
| Status: | CLOSED FIXED | ||||||||||
| Severity: | normal | CC: | djm, dtucker | ||||||||
| Priority: | P2 | ||||||||||
| Version: | -current | ||||||||||
| Hardware: | All | ||||||||||
| OS: | Solaris | ||||||||||
| Bug Depends on: | |||||||||||
| Bug Blocks: | 1803 | ||||||||||
| Attachments: |
|
||||||||||
Hi, could you regenerate this patch as a unified diff ("diff -u") and reattach? Unified diffs are much easier to read and review.
Created attachment 1937 [details]
solaris project support added to SNAP-20100922
looks mostly ok but I'd like to put the code in port-solaris.c and the hook into platform.c for maintainability reasons. Created attachment 1948 [details]
openssh-solaris-projects.patch
Move code into port-solaris.c
Modified patch applied and it will be in 5.7p1. Thanks. Move resolved bugs to CLOSED after 5.7 release |
Created attachment 1929 [details] patch for solaris projects support Projects are the basis for resource controls in Solaris 10. The current openssh doesn't appear to support projects, so the default project (system) is inherited from the parent sshd: [ericksco]unixprd:~$ ssh themis Last login: Sun Sep 19 11:24:46 2010 from unixprd.mnscu.e Sun Microsystems Inc. SunOS 5.10 Generic January 2005 [ericksco]themis:~$ projects -d # displays default project default [ericksco]themis:~$ id -p # however, "system" project is inherited from sshd uid=1108(ericksco) gid=101(admins) projid=0(system) With the project support enabled, sshd can properly set the default project (as uid=0) before spawning client command/shell: [ericksco]unixprd:~$ ssh timmy Last login: Tue Sep 21 20:40:40 2010 from unixprd.mnscu.e Sun Microsystems Inc. SunOS 5.10 Generic January 2005 [ericksco]timmy:~$ projects -d # displays default project group.admins [ericksco]timmy:~$ id -p # now effective project is correct uid=1108(ericksco) gid=101(admins) projid=11(group.admins) The library calls utilized are: - getdefaultproj() Obtains the default project for the user logging in. - setproject() Sets the project for the session. Requires special privs (uid=0) or will fail.